Hacker News new | past | comments | ask | show | jobs | submit login

Try the first two to be certified to high-assurance security:


The MLS model was too difficult to adapt to commercial use. Biba was good for stopping malware from overwriting files. They still preferred something more flexible. SCC then invented type enforcement in another high-assurance system:


Flask architecture was combining that tech with a microkernel. SCC, acquired by McAfee, added type enforcement to a BSD OS for their Sidewinder firewall. The next work by Mitre was proof-of-concept for OSS by adding it to Linux. That and a pile of incremental additions is called SELinux. I'm sure you'll find the LOCK design a lot cleaner as it was originally intended. ;)

Also worth noting are the KeyKOS system (esp with KeySAFE), the capability-security machines, and one language-based mechanism:




These collectively should keep you busy for a while. They're the kind of thing worth imitating or building on.

Applications are open for YC Winter 2020

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact