The joint development project is intended to add to the mandatory access controls already provided by Solaris Trusted Extensions.
Sun Microsystems said Thursday that it has signed an agreement with the U.S. National Security Agency to jointly develop new security mechanisms for OpenSolaris.
The two will work with the open source project, OpenSolaris.org, to integrate an additional form of mandatory access control.
The joint development project is intended to add to the mandatory access controls already provided by Solaris Trusted Extensions, and any additions will be evaluated and tested by the OpenSolaris community, said Jonathan Schwartz, Sun CEO, in making the announcement.
The two will use a Flask -- Flux Advanced Security Kernel -- architecture to add to access controls. Flask builds flexible support for security policies into the operating system instead of having it address one real-world scenario. Under Flask, the operating system controls propagation of access rights but doesn't issue rights without consulting security policies. It can issue fine-grained rights, with differentiation between users and user groups. The operating system also enforces revocation of previously granted rights, according to papers published on Flask by the computer science department at the University of Utah.
"NSA is pleased that the work of its research organization in the area of secure computing is being used ... by industry," said Dick Schaeffer, chief of the NSA's Information Assurance Directorate, in making the announcement. The Sun-NSA project amounts to "a transfer of those technologies to the private sector," he said.
The OpenSolaris project was organized by Sun in 2005 as it made its Solaris version of Unix available as open source code. It had about 80,000 registered members as of November 2007.
[Interop ITX 2017] State Of DevOps ReportThe DevOps movement brings application development and infrastructure operations together to increase efficiency and deploy applications more quickly. But embracing DevOps means making significant cultural, organizational, and technological changes. This research report will examine how and why IT organizations are adopting DevOps methodologies, the effects on their staff and processes, and the tools they are utilizing for the best results.
2017 State of IT ReportIn today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.