CA2036257A1 - Method for executing trust-path commands - Google Patents

Method for executing trust-path commands

Info

Publication number
CA2036257A1
CA2036257A1 CA002036257A CA2036257A CA2036257A1 CA 2036257 A1 CA2036257 A1 CA 2036257A1 CA 002036257 A CA002036257 A CA 002036257A CA 2036257 A CA2036257 A CA 2036257A CA 2036257 A1 CA2036257 A1 CA 2036257A1
Authority
CA
Canada
Prior art keywords
trusted
command
user
machine
parsed
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
CA002036257A
Other languages
French (fr)
Inventor
Mary E. Zurko
Andrew H. Mason
Paul D. Sawyer
Morrie Gasser
Thomas A. Casey, Jr.
Leslie R. Kendall
Judith S. Hall
Steven B. Lipner
Clifford E. Kahn
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Digital Equipment Corp
Original Assignee
Mary E. Zurko
Andrew H. Mason
Paul D. Sawyer
Morrie Gasser
Thomas A. Casey, Jr.
Leslie R. Kendall
Judith S. Hall
Steven B. Lipner
Clifford E. Kahn
Digital Equipment Corporation
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Mary E. Zurko, Andrew H. Mason, Paul D. Sawyer, Morrie Gasser, Thomas A. Casey, Jr., Leslie R. Kendall, Judith S. Hall, Steven B. Lipner, Clifford E. Kahn, Digital Equipment Corporation filed Critical Mary E. Zurko
Publication of CA2036257A1 publication Critical patent/CA2036257A1/en
Abandoned legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2211/00Indexing scheme relating to details of data-processing equipment not covered by groups G06F3/00 - G06F13/00
    • G06F2211/009Trust

Abstract

METHOD FOR EXECUTING TRUSTED-PATH COMMANDS

ABSTRACT OF THE DISCLOSURE

A method for executing trusted commands, in which a trusted command is first received from a user at a user terminal and parsed by untrusted code; then passed to a trusted computing base for execution.
The trusted computing base displays back to the use for confirmation some indication of what is to be done back to the use for confirmation. Confirmation of the commands prevents unauthorized modification of the commands and increases system confidence. A randomly (or pseudo-randomly) generated process identifier is employed to verify the existence of a trusted path.

Description

~0362~7 METE~OD FOR EXECUTING TRUSTED-PATH COMMANDS

This invention relates to a method for improving securi~ in a computer system. More specifically, this invention concerns a method for implementing trusted commands through both trusted and untrusted code.

The proliferation of computers has resulted in the need for reliable computer security systems. The need to protect certain information is great in areas dealing with national security, for example.
Securitv measures are required in other fields, including areas which utilize financial, medical, and personal information. Many computerized inforrnation systems therefore include internal security measures which provide the users with different levels of access to the computerized information, and which attempt to provide at least a degree of protection of the information from undesirable access.

Secudtv Critçria; R~erence Validat;on Systems In response to the need for secure computer systems, the Department of Defense has issued a publication titled Department of Defe~e ~usted CQmQuter S~stem EvaluatiQ~ia (reference No.
DOI;~ 5200.28-STD). This publication is sometimes referred to as the "Orarlge Book," and is available from the Department of Defense. The Orange Book describes system security objectives and evaluation criteria for secure computer systems.

:

~ , 20~2~7 A "secure~' computer system gener~lly inclu(les some type o~
"reference validation" sys~em. These reference validation systems (known as reference monitors) are responsible for enforcing the security rules (security policy) for a given computer system.
Reference monitors mediate all access to "objects" by "subjects".
Objects are passive entities that contain or receive information. Access to an object implies access to the information that it contains. Subjects are active entities, generally in the form of a person, process or device that cause information to flow among objects or change the system state. A subject may ordinarily reference its own, subject-internal information without the involvement of the reference monitor.
Reference monitors controlling such access to objects by subjects are known in the art, and may utilize a security kernel approach.
Proper implementation of a reference monitor calls for adherence to three principles:

(1) completeness, in that all access by subjects to objects or other subjects must involve the monitor;

(2) isolation, in that the mor~itor must be protected from tampering; and (3) verifiability, in that correspon-dence must be shown between the security policy and the actual implementation of the monitor.

As discussed, every reference to information or change of authorization should go through the reference monitor. Thus, all . .

2~36~7 commands issued by a user or other subject are monitored by the re~erence mon~tor. This approach is particularly useful in multiuser computer enviroruments.

S The totality of the protection mechanisms within a computer system -- including hardware, software, and firmware, the combination of which is responsible for enforcing a security pollcy -- is comrnonly known as a "trusted computing base" (TCB). If the trusted software is designed to be as simple as possible, for the sake of verifying the reference monitor, then the trusted software is known as a "security kernel".

Generally, TCBs attempt to meet the control objectives set out in the Orange Book. Compliance with these objectives inspires user confidence, and increases the overall desirability of a computer system.
These objectives deal with:

(1) security policy;
(2) accountability; and (3) assurance.

The security policy objective entails enforcement by the TCB of the desired security rules. These security rules are designed to limit the access to and dissemination of information in a precisely defined manner.

Security policies may include provisions for the enforcement of both mandatory and discretionary access control rules. Mandatory access control rules control access based directly on comparisons of the user's security level and the sensitivity level of the information being .

2~3~

sought. Discretionary access rules control and limit access to identified individuals who have been determined to have a need-to-know.

These access control rules call for associating with each user identification code a statement indicating the user's access rights. This statement often includes information representing the user's security level (for mandatory control purposes), and membership in groups (for discretionary control purposes).

The accountability objective calls for providing each user with an individual user identification code (often called a "user name") and for the TCB to be able to recognlze the code and ensure that it is being used by its proper user. This may be done by checking the user's password. This ensuring the user's identity is known as "authentication."

In addition, the accountability requirement calls for the existence of auditing capabilities. Such capabilities allow for the auditing of actions which can cause access to, generation of, or release of classified or sensitive inforrnation.

Assur~ncç Qbjectjy~ and 'TruSte~ems The assurance objective is especially important in the present context. That objective is concerned with taking steps to ensure that the security policy is correctly implemented and that the TCB accurately mediates and enforces the intent of that policy. Steps may be taken to insure that each portion of the TCB is assured. To accomplish this objective, two types of assurance are needed.
The first type of assurance is life-cycle assurance. This type of assurance refers to steps taken to ensure that the compu~er system is 2~3~23~

designcd, developed, and maintained using formalized and rigorous control standards.

The second type of assurance is operational assurance.
Operational assurance deals with the ~eatures and system architecture used to ensure that the security policy is uncircumventably enforced during system operation. All of the software (sometimes referred to in~ormally in the art as "code") in the TCB is generally analyzed to determine the assurance level of the system.
As the amount of code in the TCB increases, it becomes more diff;cult to ensure that the TCB accurately enforces the security policy.
Because of this, it is desirable to minimize the amount of trusted code, and thus the complexi~ of the TCB.
A TCB is usually operated~la substantial amount of software, such as text editors and other applications, operating within the security policy of the TCB. Generally, this untrusted software asks the TCB for access to objects when the user or ~ the untrusted software requires them. Thus, the majority of~t~3user's requests to the TCB, and the majority of the information that a user obtains rom the TCB, are handled through the agency of untrusted software.

This untrusted software, however, is by nature in darger of compromise and vulnerable to bugs. For some types of requests and displays, malicious or malfunctioning untrusted sof~vare could compromise the enforcement of the security policy. Generally, TCBs cannot distinguish between requests faithfully made by the untrusted 30 ~ software on command from a user and either ~requests made by the v untrusted software at its own initiative~r requests that misrepresent .

,.

.

2~3~2~7 the user's actual command. For example, if comrnands issued by an authorized user to change certain users' security levels were made ;hrough the agency of untrusted so~tware, it would be possible for malicious or malfunctioning untrusted software to inappropriately raise S the security level of a user. Such inappropriate raising of a security level could result in the disclosure o~ sensitive information.

Furthermore, TCBs generally cannot ensure that displays made by untrusted software are faithful. This poses problems in that if displays of audit records were made through the use of untrusted software it would be possible for malicious untrusted software to misrepresent these audit records to hide suspicious activities.

To overcome these problems, prior-art systems have developed a concept known as a "trusted path." A trusted path is a mechanism by which the user can cornmunicate directly with the TCB. A trusted path may only be activated by the user or the TCB and cannot be imitated by untrusted code. Such a trusted path is a positive TCB-to-user connection that bypasses all untrusted sof~wa~lle Orange Book 20 1~ requires a trusted path for all systems '~)a security rank of B2 or above.

A "trusted command" (also known as a trusted-path command~ is a cornrnand which requires a trusted path between the user and the 2S TCB for execution. The specific security policy of a computer system vill determine which commands are defined as trusted commands. For example, commands relating to changes of the security levels of users would be trusted comrnands.

- 7 - 2~3~2a7 Parse~s ~s Incr~ers of System Complexitv P~ecause of perceived performance problems, prior-art computer systems often included code to implement certain functions in the TCB. One such function comprises a portion of code known as the S "parser."

The parser performs the basic interpretation of user commands by translating a human readable representation of a user command (e.g., a command typed by a user a~ a keyboard) into a machine-readable representation known as the binaly representation, or the parsed command. A user command may consist of a group of words, typed by the user, specifying sorne action to be taken. The user command may also speci~ one or more variations or options of that action.
For the convenience o~ the user, most parsers allow these option words to be typed in any order without changing the meaning of the user command. Also, most parsers allow the user to type the words in either full or abbreviated form. In some instances, several possible abbreviations exist. Further, in most parsers, the user may va~y the spacing between the words without changing the meaning of the comma~d. Some parsers also check user commands for proper syntax, and report errors to the user prior to execution of the command. Other parsers prompt the user for missing information, avoiding the need to completely retype an incomplete command.

Thus, several different inputted human-readable representations may be associated with each unique parsed command. It is the job of the parser to translate accurately these inputted representations of user commands (which may vary with each user) into specific parsed 2~3~7 command represent~tions. Due to the complex nature of parsing, large amounts of computer code are generally associated with this activity.

Prior-art trusted software sys~ems have included the parser ~or S trusted conunands, and thus the associated code, within the TCB. In these systems every trusted command was parsed and executed exclusively by trusted code. The inclusion of the parsing code in the TCB was regarded as necessary for proper system operation.

As discussed above, however, the ease and degree of assuring a system is roughly inversely proportional to the complexity of the system's TCB. Thus, the inclusion of the parser in the TCB results in more complex asSUraDCe analysis and a corresponding decrease in system confidence. Prior art devices (since they needed to be small and simple to support assurance) have thereby inherently constrained the user-friendliness of computer systems.

The present invention provides a number of advantages over the prior art. By reducing the complexity of the TCB, the amount of tmsted code that must be verified or assured is reduced. In addition, the general usability of the system is increased, because the improved method of processing trusted commands allows for the implementation of added computing functions at little or no additional cost in TCB
assurarlce.
The present invention includes an improved method for the execution of trusted commands. In this improved method, the required steps for processing a trusted command are split between trusted and untruseed code. In this manner the amount of trusted code in the TCB
may be signi~lcantly reduced.

9 2~362~7 As discussed above, the parsing of a command can be compara-tively difficult, and often requires large amounts of complex code.
However, it is relatively simple to translate the parsed representation of a command into a standard human-readable representation for display to the user. This is in part because a single, standard human-readable display representation may be associated with each parsed representation. The present invention takes advantage of this fact by parsing the trusted commands in untrusted code prior to execution in the TCB.
In general, the present invention includes a computer system which includes a TCB operating as a reference monitor. Included in the TCB is the security-relevant code necessary for the actual execution of a trusted cornrnand.
Associated with the TCB are one or more untrusted subjects (e.g.
processes). Each such subject has particular access rights, which may include a security level. These untrusted subjects co nmunicate only with the involvement of the TCB. The TCB allows cornrnunication only as permitted by the system's security policy. Each untrusted subject is substantially independent.

In each of these untrusted subjects, untrusted software is generally run. This untrusted software may include an untrusted operating system (UOS), and generally includes applications such as text editors. In the present invention, the untrusted code includes the non-security relevant &nctions necessary for the execution of a trusted command. ~

Attached to the computer system are several user terrninals.
These user terminals allow the user to exchange inforrnation with the ,.

~ lo- 2~3~257 computer system. All terminal activity is seen ~irst by the TCB. A
secure-attention Icey is dedicate~l for use on each terrninal attached to the computer system. The TCB is designed to recognize and trap this key signal. Activation of this key by the user establishes a trusted path S be~ween the user terrninal and the TCB. Alternate methods for establishing a trusted path may be utilized.

The TCB is generally provided with a limited number of "direct" user commands (direct commands). Because of this, the majority of the user's activ;ties will take place in the untrusted operatir.g system.

While operating in the UOS, the user may attempt to execute a trusted command. When one of these commands is issued by the user, the untrusted code in the UOS checks the syntax o~ the command and may prompt for missing parameters; then the untrusted parser converts the comunand into a parsed representation that will be referred to here for convenience as the "binary representation." In some instances, command procedures and application-issued trusted comrnands will also be parsed and translated into a binary representation.

This binary representation is then passed &om the UOS to the TCB. The TCB initially associates the binary representation with a physical terminal, and copies the binary representation into a memory buffer assigned to that terminal.
:
Once this has been completed, the untrusted code in the UOS
may prompt the user to activate the secure-attention key. If this key is activated, a trusted path will be established between the user terminal and the TCB. Alternate methods may be employed to initiate this trusted path. A randomly generated process ID, which may be - 1l - 2~2a7 generated at login, may be utilized to prevent untrusted code from simulating a trusted path.

Subsequent activity by the TCB depends on the type of command S that is represented by the binary represent~tion. If the command is one that will not modify any information, i.e., a request to view information, the TCB veri~les that the user has the necessary access rights, and attempts to execute the binary representation. A human-readable standard representation of the binary command received by the TCB is displayed along with the information.

In most irlstances, if the command requested by the user requests modification of information, the TCB displays for confirrnation a standard human-readable form of the command, along with an indication of what the result of command execution will be. The user is then requested to confirm (by typing a response via the trusted path) that the displayed command was received correctly and should be executed.

This confirrnation allows the- user to ensure that untrusted code has not performed an unauthorized modification of the user's original cornmand. Also, confirrnation allows for the detection by the user of any errors that may have occurred during the parsing process. In situations where the binary representation represents a comrnand procedure or an application-issued trusted command, the confirrnation ensures that the cornmand proposed by the untrusted software is acceptable to the user.

If the command is confirmed by the user, the TCB checks to ensure that the user has the necessary access rights to execute the command and, if so, attempts to execute the command.

A distinct advantage of the present invention arises from the ~act that the execution of a trusted command is split be~4een trusted code and untmsted code. The actual parsing of the command occurs in S untrusted code. The trusted code included in the TCB checks the parsed command for correctness and displays it ~o the user in human readable form. This checking and display of a parsed command requires substantially less code than is required to parse a command.

Thus, since the command parser is included in the untrusted code, the amount of trusted code in the TCB is mirumized. This lowers the difficul~ of trusted system assurance, and increases the amount of confidence that may be placed in a system.

It is a further advantage of this invention that the user interface is separate from the underlying functions performed by the TCB. This allows for implementation of alternate UOS-to-user interfaces without major modification of the TCB. Further, the amount of time and effort to develop such a command interface is reduced. A still &rther advantagc is that more useability features may be provided without substantially increasing ehe complexity of the TCB. Examples of such ~ useability features are command~line editing and recall.

Figure 1 illustrates the various levels within a computer system;

Figure 2 illustrates various layers with;n the trusted computing base;

Figure 3 illustrates a trusted path;

13- ~0362~7 Figures 4A and 4B are tlow diagrams representing a method for processing trusted cornrnands. Differences in box representation in these drau~ngs are explained below.

Figure S illustrates one method of implementing the invention;

Figure 6 is a flow diagram representing a method for verilying a trusted path;

Figure 7 is a state transition diagram of a further embodiment utilizing various command states.

A specific embodiment of the present inventiorl is described with respect to a computer which supports various user processes and may operate in a multiuser environment. As an illustration, an implementation in connection with a VAX model computer, available from Digital Equipment Corporation (DEC), is briefly described. It should be understood that the present invention may be readily applied to various types of computer systems includjng PC networXs, stand-alone multiuser computer systems, or single user computer systems, to name a few examples.

Overviç~ ~fhyare ,~chitecture E~IG. 1 illustrates a preferred computing environment which is generally designated by the reference numeral 2. A tmsted computing base (TCB~ 10 resides at the center of the computer system. The TCB
10 acts as a reference monitor in that access to information is mediated by the TCB 10.

In a general embodiment of ~he invention, the TCB 10 may be a secure kernel residing under the general operating system of a computer ' - 14- 203~2~7 system. In one embodiment, the TCB 10 comprises trus~ed code / residing underneath a VMS or Ultrix system ~

The TCB 10 enforces a security policy which idénti~les S permissible modes of access between users or computer processes (subjects~ and files, memory segments or other objects. Access to stored information is mediated by the TCB 10, so that the TCB 10 may determine whether a particular user or untrusted subject can access particular information. In order for the TCB 10 to fulfill its protective function, it must take into account the three requirements discussed above: (1) completeness, (2) isolation, and (3) veri~lability.

A more complete understanding of the TCB 10 may be obtained by reference to FIG.2. As is illustrated, the TCB 10 may comprise several distinct layers. Each layer of the TCB 10 comprises trusted code. This trusted status is indicated by the security boundary 11. In one embodiment, layers of particula- interest are the layers to be referred t~as~ secure server (SSVR) 12, Command Conveyor (CC) 14, and~i~r~(VT) 16.
The TCB 10 includes the trusted code necessary to ensure compliarlce with the Orange Book requirements. In alternate embodiments, the trusted code may ensure compliance with different systerns of security requirements. The TCB 10 also includes the code which actually executes the requested trusted command, as discussed below.

Each untmsted subject is generally supported by an untrusted process. This process may spend time in one of two "modes." The first mode, in which the process usually runs, is known as ''user mode." This mode is a restricted hardware state~such as the VAX user mode that is - 15- ~36257 known in ~he art. This process may also spend time executing trusted code in an all-powerful hardware state. This state is represented by the VAX "kernel mode", which is known in the art. lllis state may be triggered by a request by the untrusted subject of the security kernel.
S Such a request may be made in a conventional manner and is commonly called a "kernel call." This mode may also be triggered by asynchronous events (e.g. ~he completion of an Input/Output request previously made by the untrusted subject).

In one embodiment, the TCB 10 also has one process associated with each terrninal that communicates with the user over the trusted path. This process is known in the art as an "execution thread." In this embodiment, each execution thread shares its address space with other TCB execution threads. An advantage of such sharing is economy of machine resources. Full-blown processes, each with its own address space, would require far more machine resources than if such address space sharing is employed.

It is the CC 14 which provides the interprocess communication for passing parsed cornmands between the processes that support the untrusted subjects, and the processes within the TCB 10 that support the trusted path.

The untrusted code may submit to the TCB 10 the parsed representation of the trusted command by making a kernel call. The kernel call causes the process suppor~ing the untrusted subject to switch to the all-powerful hardware state and to begin to execute trusted code designed to handle kernel calls. This trusted code recogl~izes the nature of the kernel call and calls the CC 14. The CC 14 then obtains and copies the binary representation of the trusted cornmand into protected ~362~

memory and puts it in a global data structure that supports the process associated with the terminal in question.

The VT 16 layer includes the trusted code which monitors all S terminal activity and checks for activation o~ the secure-attention key.
In one particular embodiment, the VT 16 layer also includes code which lracks which physical terrn~nal is associated with a particular user or untrusted subject.

The specific manner of implementation of the above described activities will be apparent to one skilled in the art having the benefit of this disclosure.

Referring to FIGS 1 and 3, "around" the TCB 10 is a general untrusted operating system (UOS) 20. The UOS 20 generally comprises untrusted code and may include a traditional operating system such as Ultrix or VMS. Alternate constructions are envisioned where the UOS
20 includes any untrusted codè. It will be appreciated that the system may include untrusted code that is separate from TCB 10 and UOS 20.
Most user activity will occur in the UOS 20. In one embodiment, a specific UOS 20 may run in each untrusted subject.

~l5ç-LTelminal~ and th~ Secure-Attention Key Associated with the computer system are one or more user terminals 30. These terminals 30 may be conventional in construction, in that they allow the user to exchange information with the computer system. Either "intelligent" or "dumb" terminals may be used. Examples of such dumb terminals are the well-known VT series 200 and 300 terrn~nals. These ter~unals are available from Digi~al Equipment Corporation or its authorized dealers.

~3~2~

A particularly useful termin~l inclucles control progralTuning that is designed with securi~ features in mind, such as is described in a co- -pending U.S. patent application entitled "Method for Securing Term~nal and Termh~al Apparatus for Use with the Method," Serial No. 456,672, S aled by Wei-Ming Hu, Clifford E. Kahn, Andrew H. Mason, and Peter A. Sichel on December 26, 1989 and to be comrnonly assigned v~ith this application.

A keyboard is attached to each user terminal. Each keyboard includes a key employed as a secure-attention key. This key is utilized to establish a trusted path between a user terminal and the TCB 10. In one embodiment, the secure-attention key is an "out-of-band key" for the UOS 20. It is desirable that the signal sent by the terminal upon activation of the secure-attention key is generally not utilized by the applications running in the UOS 20. An out-of-band key is convenient since it does not restrict the traditional number of user keys and the signal is sent immediately, even if other I/O is pending. For example, the secure-attention key may be the BREAK key on the terminal keyboard.
In many terminals (such as the VT 2XX and VT 3XX farnilies) lock~ng of the keyboard prevents the transmission of several key signals.
In these terminals, however, the BREAK key signal may be transmitted, even from a locked keyboard. Thus it is generally desirable to employ the BREAK key as the secure-attention key. Also, the signal generated by activation of the BREAK key comes in ahead of other characters in the keyboard bufEer. A further advantage of utilizing the ,~EA~C key ~7 is that software running in the UOS 20 cannot get~inal~ to send that character.

- 18- 2~3~7 lhe T~ted Path and Direc~ Comm,lncls The TCB lO generally oper;ltes as a reference monitor.

Upon initial login or at other times when the user is not S connected to a process in the UOS 20 (e.g., an application program), the TCB 10 responds to a comparatively limited series of "direct commands," which may include a CONNECI` cornmand to connect to an untrusted subject. When the user is connected to such an untrusted subject, the TCB 10 checks for the secure-attention signal; if a si~nal other than the secure-attention signal is received, the TCB 10 passes the signal to the connected untrusted subject.

As discussed above, in one specific embodiment the trusted code in the v'r layer 16 morutors all terminal activ~ty. When the code in the VT 16 notices that the BREAK key has been depressed, the SSVR is signaled in a conventional manner (such as by advancing an event count or activating a flag). Code in the SSVR 12 recognizes this signaling and establishes a trustcd path between the user termlnal and itself. In this maMer, the secure-attention key signal is trapped by the TCB 10.
In certain security environments, general security requirements mandate that the TCB 10 make displays when a trusted path is established and exited by the user. In one embodiment, when a trusted path is established, the TCB 10 sends a reset command sequence to the physical user terminal 30 to assure that it is in a known state. T~is is done in part to ensure that the information displayed to the user by the TCB 10 is in the intended form, (e.g., correct font). A particularly useful sequence of commands to implement the reset cormnand sequence is described in the aforementioned copending U.S. patent application by Hu et at.

,9 2~36~

When the secure-attention key is activated, other than in connection with the issuance of a Irusted command, the secure server 12 displays a particular banner and prompt (for example: "SSVR>"
together with the user's process i~entifier, discussed below), to indicate S that the user is conversing interactively with trusted code. If the secure-at~ention key was activated in connection with the issuance of a trusted cornmand, the secure server 12 displays to the user some indication of what is to be done, as discussed below.

When command execution is complete, or when the user establishes or reactivates a session with the UOS 20, the TCB 10 issues a message to inform the user that he/she is breaking the trusted path.
When a session with the TCB is complete, the memory in the physical terminal may be cleared by the TCB. This is done to protect trusted information from both untrusted code and unclassified persons who may later use the terrninal. A particularly advantageous method of clearing the terminal memory is described in the aforementioned co-pending patent application.

The number of direct user commands available from the TCB 10 is preferably lirnited to reduce the complexity of the TCB 10.
Genera~ly, a cornmand is direct if:

a. one needs the command when one is not coMected to an untrusted subject;

b. end users depend on the com-mand's correct behavior for security (e.g., LOGOUT); or - 20 - 2~3~

c. the command must be issued when no user process in the UOS 20 is running.

ln most cases, the user will converse with the TCB 10 through the SSVR 12. In one embodiment ~he user conversing with the SSVR 12 may be restricted to commands which allow him/her to establish (connec~) or end (disconnect) a computing session in the general UOS
20. Further commands may be added, such as allowing the user to view the ex~sting UOS 20 sessions or change his or her password, but it is generally desirable to limit the number of available commands in the TCB 10. It is further desirable to ensure simplicity in the syntax of these direct cornrnands.

The simple syntax of the direct commands, and the comparat;vely small amounts of code necessary to interpret these cornmands, do not substantially increase the complexity of the TCB 10.

Lo~in Processille by the TCl~
To initiate a computing session in the illustrative UOS 20, the user may first login to the computing environment through the SSVR
12. To initiate a login, the user activates the secure-attention key (or performs some other action to gain the attention of the SSVR 12). As discussed above, this establishes a trusted path between the user terminal and the TCB 10. Alternate embodiments are envisioned wherein other methods are employed to establish a trusted path.

Once a trusted path has been established, the SSVR 12 prompts the user for his/her speci~lc user name and password. The various layers in the TCB 10 perform well-known security checks to ensure that the user has the necessary access rights to login at the terminal. If the -21- 2~2~7 user possesses the required access rights, a computing session is established in the SSVR 12.

At this time, the user's security information is stored by the TCB
10. The TCB 10 also stores in memory a unique identifier of the user ,/ process. This information is maintained in memory by the TCB 10[~
tl~ w ~ ~----ConnectiDn to Untrusted Plocess Because the number of ~lirect user commands in the TCB 10 is preferably lim~ted, the user will generally choose to establish a computing session with an untrusted subject. Such an untrusted subject may include application programs residin~g in the UOS 20.

In one specific embodiment, when the user establishes a computing session in the UOS 20, the user's physical tenninal 30 is associated w~th a virtual terminal of the UOS. The user converses with the untrustcd subject through a computing scssion within tho UOS 20.
When such a connection with an untrusted subject is made, the VT
layer 16 of the TCB 10 stores in memory which physical terminal 30 is associated with which virtual terminal in an untrusted subject. In this ma~ner, trusted comrnands received from an untrusted subject may be attributed to the actual user at the physical terminal 30. Once the user has established a computing session within the UOS 20, normal computing activities may be carried out.
A more detailed understanding of these activities may be obtained through reference to FIG.4A and 4B. Activities indicated by ; heavily bordered blocks are performed by the TCB 10, or trusted code.
Activities represented by lightly bordered blocks are performed by untrusted code.

" , . ~ ~ ' ~ ., ' -22- 2~3~7 In FIG.4A, the user terminal is represented as having established a computing session lO0 within the general UOS 20. During the session, the user may attempt to execute various commands.
Utilities within the UOS 20 determine whether the issued commands S are trusted cornrnands 50. If the command is not identified by the UOS
20 as a trusted command, the UOS 20 attempts to perform the command at process 60. In these cases the operation and existence of the TCB 10 may have little effect on the command's behavior as seen by the user.
e PrQ~ç~l~ili~
In one embodiment, a process identifier (process ID) is associated with each user process at the time of login. This process ID
is a pseudo-randornly generated a~-numeric tag which is associated 15 ~/ with the user throughout ~is/hc~omputing session.

The process ID is useful if the untrusted code can temporarily disable or delay the effect of activation of the secure-attention key. For example, untrusted code can send a reset command to some tenninals.
While these tenninals are resetting, activation of the secure-attention key has no effect. Such a technique may allow untrusted code to trick the user into thinking a trusted path had been established when it had not been. The process ID inhibits such trickery by allowing the user to distinguish between actual and emulated trusted paths.
When the user first logs in, he/she will not yet know the process ID and caMot detect a &Ise trusted path. However, to simulate a login dialogue, untrusted code would have to guess when the user activa~ed the secure-attention key, or somehow detect the activation of the key even though the TCB could not detect it. Guessing the activation time is impracticable, because users start login dialogues at their own 23- 203~2~7 convenience and give no adv~nce signal to ~he TCB pnor to activation o~ the secure-attention key. Detecting the secure-attention key even though the TCB could not detect it would be possible only by causing the key to yield a signal different than the TCB expects. Methods to S prevent such an event are described in the co-pending application by Hu et al., referenced above.

With some termirlals, the untrusted code may be able to program the terminal so that the secure-attention key generates a signal tha~ is recognizable to the untrusted code, but not to the TCB. In these cases, generation of the process ID at the time of login would be unsatisfactory. Instead, the process ID may be generated prior to user login. For example, in these embodiments, the process ID may be generated when the user is registered with the TCB 10 and stored ;n lS protected memory. In this embodiment the user may be given a way of changing his/her process ID, just as the user can generally change his/her password.

In one particular embodiment, when the user logs in the SSVR
12 pseudo-randomly generates a process ID and assigns this ID to the specific user at the physical terminal. Methods of generating pseudo-random identifiers are generally known in the art. In one embodiment, the random number initial seed is based on a hardware (as opposed to a software) event. The algorithm for generating ;~ 25 successive random numbers should be computationally difficult to invert.

~is process ID is maintained in the TC8 and is never provided to untrusted code. Thus, untrusted code in the general UOS 20 i9 prevented from discovering the specific process ID assigned to the user.

- : . . ~' , .

-24- 2~3~ 7 The user is responsible for noting an~J retaining his/her assigned process lD. To promote user retention the process ID may be generated as a pronounceable group of characters. Methods for such generating pronounceable passwords are described in "A Random Word Generator", MITRE Technical Report (MTR-3006), May, 1975, by Morrie Gasser.

The process II) is displayed to the user when a tNsted path is established between the user terminal and the SSVR 12. Displaying the ID selves a useful security function as it inhibits untrusted code ~rom "spoofing" the user. Absent the process ID it may be possible for an untrusted subject to emulate the SSVR 12. An untrusted subject, emulating the SSVR 12, may be able to trick the user into divulging security-relevant information or otherwise comprorrusing system security.
The process ID, known only to the uses and the SSVR 12, inhibits this type of "spoofing." Before the user responds to an apparent SSVR 12 request, he/she will first verify that the proper process ID is displayed. Since the process ID is known by only the user and the SSVR 12, it is extremely difficult for an untrusted subject, ignorant of the process ID, to fool the user into believing that he/she is conversing with the SSVR 12.

FIG.6 illustrates a flow diagram of this process. When the user initially logs into the computer system through the SSVR 12, a randomly generated process ID is assigned to the user. This activity is represented by process 310. In one embodiment, this process ID
comprises alphabetic characters and is pronounceable. The pronounceable nature promotes user retention of the ID. The process ID is then stored in trusted memo~y by the SSVR 12 and displayed to the user by the SSVR 12 at process 320.

2~3~257 During the course of the computing session, the TCB determines if the user is operating through a ~rusted path. This activity occurs at process 330. If the TCB determines that a trusted path is not established, the process ID will not be displayed to the user. This is noted at process 350.

The process ID is maintained in trusted code and memory, and is inaccessible to untrusted subjects. Each time a trusted path is established between the SSVR 12 and the user, the SSVR 12 displays the user's process ID at process 340. By obse~ving the displayed ID, the user is assured that an actual trusted path has been established.

The Command !~Qslvevor As discussed above, the command conveyor (CC) 14 is a layer in the TC8 10 which comprises part of the trusted code. The CC 14 is utilized to ensure proper communication of trusted commands between the SSVR 12 and the process supporting the untrusted subject. As discussed, such an untrusted subject may include a UOS 20.

Associated with each physical terminal 30 is a command buffer.
In some embodiments, a status code may be associated with each terminal. In still other embodiments, one of five command states is also associated vvith each physical terminal. The comrnand buffer is used to store tbe binary representation of the trusted comunand. The status ; 25 code may be employed to provide the resulting execution status to the untrusted subject. The command states generally comprise fivo possibilities:

(a) no command, (b) command submitted, (c) command in progress, -26- 2~2~7 (d) ignore finish, and (e) comman~l done.

These states are used to in~licate the various states that may be S encountered in the execution of a trusted command. FIG. 7 is state transition of the com nand states. A detailed explanation of these states and the statuses may be obtained ~rom the following discussion.

Distri~utioll t2f Processille of I~ ÇL~
As discussed above, the TCB 10 "recognizes" two categories of cornmands. For the purposes of this specification "commarlds" include user instructions received through the use of cornmand line interfaces, menu interfaces, direct manipulation interfaces or the !ike.

The first category includes "direct commands" issued while the user is operating in the SSVR 12 layer of the TCB 10, i.e., is interactively conversing with the TCB 10. As discussed above, it is desirable to limit the number o~ direct commands available to the user.
The execution and processing of these direct com nands is carried out using traditional methods known in the art.

The second category includes "trusted com nands." These commands a~e issued by a user operating in a non-trusted computing environrnent, such as in the general UOS 20. In one embodiment these trusted commands are issued by a user operating in an untrusted virtual machine. FIGS. 4A and 4B illustrate the activity necessary to execute such a cornmand.

I the user attempts to execute a trusted comrnand, the parser residing in the general UOS 20 parses the trusted cornmand string and converts it into a binary representation at process 70. In parsing the `
' -27- 2~362~7 command, the untn~sted code in the UoS 20 checks syntax and semantics, and prompts for missing parameters. Parsing strategies are well known in the art and will nol be discussed herein.

From a security perspective, it is not required that the code in the UOS 20 perform an accurate translation of the user's commands into a parsed representation (bina~ representation~. The confirmation / mechanism, described below, is designed to catch such whether benign or malevolent.
Following parsing of the command, a process supporting the UOS 20 issues a call to the TCB, submitting to the TCB ~
~,i r~prese~i _~the identi~lcation of the terminal .. _, , ... .. ~ ~ .
from which such command was issued, at process 80~ In one ~ embodiment, ~virtual term;nal from which the command was issued is submitted to the TCB. Such a call is processed by the CC 14 in the TCB 10. The CC 14 then deterrnines which trusted subject submitted the command and copies the parsed representation into protected memory at process 90. In one embodiment this deterrnination is madc by asking VTerm to identify the physical terrninal associated with the UOS's virtual terminal.

Such a subrnission of the binary representation will be successful only if the TCB 10 determines that the submitting te~ninal is cormected to an actiw process.

Norrnally, in embodirnents utilizing the com nand states, the comrnand state of the submitting physical terminal is no ÇQlllm~, which indicates that there is no trusted command submitted by that physical terminal or in progress. This state is represented by state 400 in FIG. 7. When the state is no conU~, the CC 14 saves the binary 2~3~2~

representation in the command buffer, ;lnd sets the physical terminal's state to comlllang~m~ , represented by transition state 410.
Otherwise, the submission fails.

S When the untrusted subject running in untrusted code receives ~/ indication from the TCB 10 that the command has been~U~
submitted, it requests the user to ~ctivate the secure-attention key. In one embodiment, the untrusted code in the UOS 20 will request that the user activate the BREAK key.
If the user activates a cancellation key, for example Ctrl-Y or Ctrl-C, instead of actiYating the secure-attention key, code in the general UOS 20 may cancel the trusted command. This can be accomplished by the untnJsted code issuing a kernel call ~i.e., a request by the untrusted subject of the securlty kernel) informing the CC 14 that the command is to be aborted. If the CC 14 ~mds that the command has not been sent to the SSVR 12, the command is canceled.
S; nilarly, if the user process in the UOS 20 is killed, the process mndown code may cancel the trusted command request. However, if 7 the CC 14 finds that the cornmand has already been sent it proceeds, because the user is already executing the command.

In embodirnents employing command states, cancellation of the trusted cornmand request results in the command state being changed from c~llunaD~ to no çQmm~n~. This process is indicated in FIG. 7.

If the user attempts to establish a trusted path at tho same time the trusted command is sent to the TCB 10, then the TCB 10 must arbitrate; either of these requests may be processed first. If the secure-attention signal is processed first, the TCB 10 may defer the command .

-20362~

submission, and a connec~ion wi~h Ihe SSVR 12 is established. If the submission is processed first, ~hen the user sees ~he col~lrmation screen as is described below.

S If, when prompted, the user ac~ivates the secure-attention key, a trusted path is established between the user's physical terminal 30 and the SSVR 12 in the TCB 10. This configuration ;s illustrated by the dark line in FIG.3. When the VT layer 16 detects the secure-attentian (BREAK) key, it notifies the SSVR 12 which ~hen establishes a trusted path in the trusted path-supporting process associated with the user's physical term~nal 30.

Once the trusted path is established, the TCB 10 maintains exclusive control over the physical terminal 30. In one embodiment, untrusted code in the UOS 20 waits to be notifled that the command has been completed. Thus, the user essentially bypasses the untrusted code, and converses ollly with trusted code. Thus, if the user's process in the general UOS 20 is killed or terminates, or the general UOS 20 crashes, the trusted com~nand ma~ aexecuted. The user will not 20 ~ be informed of any of these ~until the trusted command has been completed or abandoned.

Following establishment of the trusted path, the security requirements of the system require interaction between the user and the SSVR 12. This is necessary to execute comrnands which require the establishment of a trusted pa~h. The Orange Book criteria, and/or the system's security goals, will determine which commands require tbis interaction as is generally discussed in Section 4.9 below.

The establishment of a trusted path in these instances is useful for sewral reasons. First, it allows the secure server to identify the 2~3~2~, specific user issuing the command. Second, the trusted path allows the user to review and approve (or reject) the requested action in a trusted fashion. This reduces the possibility o~ malicious untrusted software altering a comrnand request, and allows for ~he detection o~ parsing errors.

FIG.4B illustrates the activity occurring after control has passed to the TCB 10. As discussed above, the TCB 10 filrst establishes a trusted path at process 120. The TCB then checks to see if a trusted command has been submitted by the user. Untrusted code may then wait for the command to finish.

Once a trusted path has been established, the SSVR 12 will call the CC 14 to return the binary representation at process 130. In one embodiment, the CC 14 will first determine the command state of the physical user terminal 30. In a still further embodiment if the command state is comm~ subnljL~ 410 (FIG. 7), the CC 14 will return to the SSVR 12 the binary representation, and change the comrnand state to ~ j~5~ 420. If the state is no co~ 400 or ~Qmm~d ~Q~ 430, the call will fail, and the SSVR 12 will display the SSVR
prompt (SSVR>) to the user. An initial command state of comm~d in = ~ 420 or i~norc fi~l~h 440 implies a bug in the SSVR 12 and may result in the CC 14 crashing the TCB 10.

In these embodiments, if the command state was comm?n51 nit~ 410, then the CC 14 will return to the SSVR 12 the binary representation of the requested command.

: . ' : :

- 31 - . 20362~ ~

Displ~y o~ Comrrl~n~J to Usçr Once the parsed command has been returned to the SSVR 12, the SSVR 12 w~ll determine if the command requires confirmation at process 140 (FIG. 4B,~. Confirmation should generally be required for commands which request modification of information. Commands that do not alter the intormation, such as the viewing of information, should not generally require confirmation. For purposes of cor~lrmation, redirecting the display into a file should be considered as viewing information.
The decision of whether a given command should require activation of the secure-attention key to execute depends on the basic security policy of the system. In one embodiment, secure-attention trusted commands are a mechanism for use by system managers, security managers, operators, and holders of special privileges.

Generally, a cornmand which is not a direct cornmand, is a secure-attention command if:

a. it modifies a security kernel databasc in a security-relevant way; or b. it displays information on which a systems manager, security manager, or operator will base a security decision.

,,,~ If the cornmand is one that does not require confirmation, the TCB 10 enforces the system's security policy and determine1 if the user has the necessary access rights to execute the command at process 145.
If this is the case the TCB 10 attempts to execu~e the binary representation at process 150. Since certain commands, e.g. commands "

~ s ,r~ ~
- 32 ~ 2 ~ ~

that merely display information, ~o not change the state of the system, user confirmation is not required. There is no securfty problem in not ~/ confirming these commands since the system allows users to view~
information to which they have access s There are certain commands that change the state of the system ~maY not requ~ c nfirmation. Some comsnan~.s~nay all w the ~ ~ ~tJ~1 user to~i_~to~which~the-user-has aGcess-pesmission~J ~files are sometimes known in the art as "listing files." Generally, the turning on of a listing file is a confirmed con~rnand.

In situations whcre~file has been turned on (i.e., the output is redirected into a listing file) commands which normally display information may, by writing to the listing file, alter the state of the system. In these cases, confirmation of these commands is generally not required ~,e the flow of information is constrained by the TCB's security ~

When a cornmand requesting the display of information is executed by the TCB 10, the SSVR 12 responds by displaying a complete representation of the requested command as well as the requested information, i.e. the standard human-readable representation of the command. In one embodiment, the SSVR 12 displays the function code, command modifiers, and command parameters all in unambiguous notation. If employed, the process ID may also be displayed.

Thus, if the user's command is improperly parsed, or modified in an unauthorized manner, the user will be able to observe the difference.
This inhibits an untrusted subject from fooling a user into believ~ng that ~;

-33 ~3~2~17 he or she is observing the results of a submitted command, when in fact v' that command ~actually been al~ere~J.

If the command requested is one ~r which confirmation is S required, the SSVR 12 displays a standard human-readable representation of what is about to be done to the user terminal at process 170. The code representing each cormnand shouid produce a different display, unless the commands have the same effect. As previously discussed, the re-display of the action that a binary repreSeDtatiOn will perform is less complex than the parsing of the original command. This is in part because by definition there is only one standard human-readable representation for each parsed command.

By parsing the command in untrusted code, and verif~ing the request in trusted code, the overall complexi~ of the TCB 10 is decreased. The display of "what is about to be done" may of course vary from one co nmand to another.

If the command's purpose is to add a record to a database or create an object, the display may contain what the new record will contain, or what the attributes of the object will be if the command is confirmed.

If a particular database or object is to be modified, the display may show what the updated data will look like, or what the attributes of the object vill be if the comrnand is confirmed. For commands which remove an existing object, or delete an existing file, the display may show the record or object.

Generally, for both adding/creating and modifying, the data packet representing the submitted command may contain fields for the -34- 2~3~a~

v ~ attributes, such as its n~me, its size and its protection. For each of these fields, the packet may also have a tlag indicating whether the field is meaningful. These aags indicating meaningful fields may be know as "field selectors."
s In add/crea~e commands, the TCB may supply default values for unselected fields. In cornrnands which modify a database entry or object, unselected fields may retain their previous values.

To aid the user, the selected fields may be highlighted when displayed for confirmation. Such highlighting may be accomplished by methods known in the art (e.g., by using escape sequences that begin v and end reverse video). This highlighting draws the ~ser~ attention ~o the fields that have non-default or changed values and helps to protect the user from tricks by untrusted code.

v' When an audit recorct~;~ the con~irmation displ~Dvia the sink (discussed below) the reverse-video escape sequences may be replaced with dashes on the next line. Example:
Name: JOHN.DOE

This change pernuts the audit record to be properly displayed on a wide variety of devices, even simple line printers.

25 ~
Alternative embodiments are envisioned in which the TCB
checks each field's value: for add/create commands the fields that have non-default values are highlighted; and for modify commands the fields .

.. , ~36~7 that are changing are highlighted. This "field comparison" approach generally results in less highlighting.

Generally, for every command, every packet ~leld is displayed on S the screen, except for fields ignored by the particular cornmand.

In the cases when a database will not be modi~led, the display generated by the SSVR 12 may express ~r~ = ~r ~g~ what action is to be done. In this manner, the possibility of an .
erroneous confirmation is reduced si ce the user is requested to confirm ~ ~ c ~ ~7 '~ the results, ~ ~t~>t~q~ptic . . .
con~nan~
. _ J

The SSVR 12 may also display a list of user protection attributes lS ~ ~ ~so that the user knows __ what role he or she is exercising. The user is required to confirrn explicitly (Yes or No~ the action requested. In a general embodiment, the TCB 12 displays for confirmation the results which would occur if the cornmand is executed.

Generally, any information in the binary representation that is displayed is first validated. This in~ormation is checked once to ensure that certain requirements are met, e.g., to ensure that the counts of -36- 2~3~2~7 array elements are within arr~y boun~ls (since out-of-bounds conditions could provide an opportunity ~or entry into the TCB by illicit software).

Before displaying the contents of a packet containing the binary representation of the command, anything that could cause the formatting code to malfunction may be validated. Generally, such candidates for validation could include anything used to index into something else. Specific examples include the PASCAL language's implementation of varying strings (a count followed by an array of characters; the count is checked eo be less than or equal to the character array size), and numbers that represent keywords (their value is checked before it is used to index into an array of keyword text strings). Further methods of validation are well known in the art and will not be discussed herein.

In one embodiment, the replies that the user may make to the confirmation prompt are '~es", "no", Ctrl-C, Ctrl-Y, or the BREAK key.
No default responses exist in this embodiment. For each user response, the secure server may display a message restating tho response. If the response was "yesn or "no", the secure server 12 displays an indication of the computing session in the UOS 20 when it is being be resumed after cornmand completion.

-37- ~3~2~

lf, however, the user activ~tes the Ctrl-Y, Ctrl-C, or the BREAK
key, Ihe command w~ll be aborte~l. ln one embodimene, the CC then changes the command status co~le to negative. This may be done to inform the submitting process that the command has been aborted. In S these cases a direct session w;th the SSVR 12 will be established at process 300. In these instances, the user must explicitly issue a resume cornmand to return to the session in the UOS 20.

If the user conSrms the results or command, by replying with ~ "yes", ~t~ the command does not require confirmation, the TCB 10 enforces the system's securi~ policy at process 14S. At this process the TCB 10 determines if the user has the necessary access privileges to perform the requested activity. If the user has the required access rights, the SSVR 12, alone with other code in the TCB 10 aStempts to execute tbe command ~ ~ C~onal manner.

Upon attempte~l~ of the command, the SSVR 12 may inform the CC 14 of the execution status. In some high-security situations, concern for information flow from trusted to untrusted code will prevent informing the CC 14. The CC 14 may change the command status to indicate the SSVR 12 response. In addition, in alternate embodiment~s, the CC 14 changes the comrnand state from command ill ~ro~re~S 420 (FIG. 7) to comman~ dQ~ 43Q In these cases, the CC 14 notifies the submitting untrusted subject by traditional 2~257 methods (or by advanc;ng an eventcount for that process). The SSVR
12 then reestablishes the te~minal connection with the computing session in the UOS 20 from which the command was executed.

S In embodiments utilizing the sta~us code, if the user responds with "no", the secure server informs the session in the UOS 20 that the cornrnand was not executed (negative status code). If command states are also employed, the SSVR 12 changes the comrnand state to çumm~, and re-establishes the user's session in the general UOS
20 at process 160.

If the trusted command requested by the user is a command which affects one of the system databases, and the database record was changed by some other process or user between the time the confirmation display appeared and ihe current user con~nned the cornmand, then the SSVR 12 displa~ s a message indicating that a change has been made and requests reconfirmation. In this case, the SSVR 12 waits for 8 response as if it were the first time the infonnation was displayed.

To ensure that if two users attempt to modify the sa ne element at the same time, only one request is rejected, the TCB may utilize identifilers known as "modification counts" (mod-counts).

..

-39- 2~3~257 Each element of key databases (or registries) may contain a modification count. This mod-count is ~vanced after each modification and thus identif~es how many modi~ications have been made to the clatabase. Thus, when a user attemp~s to modify a database element, the SSVR 12 first obtains ~hat database element's mod-count. After the user has confirmed the request, the TCB 10 checks the mod-count in the request against the current mod-count.

A different mod-count indicates that a change has been made to the database element, and the user is asked to reconflrm the request since the result previously confirmed by the user is not what the result would actually be.

To deter malicious. users or subjects from preventing the execution of trusted commands, two measures may be taken. First, certain access rights may be required to charlge certain database elemen~.. Second, the mod-count should not be advanced when a modification is requested that does not change the database element.
In this manner, attempts by malicious subjects to prevent execution of a trusted comrnand, by rapidly and spuriously causing the mod-count to be incremented, will be inhibited.

V Once activity in the SSVR 12 is completed, the~session in the general UOS 20 is reestablished. In one embodiment, this may be 2 ~ 7 . ~o accompanied by the CC 14 informing the untrusted subject of the status of the submitted command. The untrus~ed code in the general UOS 20 then wake-up the untrusted process running in the UOS 20 at process 160. In one embodiment, before the TCB 10 passes the user to the S untrusted subject, the SSVR 12 prompts the user to activate a carriage return. This step is necessary to inform the user that he/she is being placed into an untnusted environment.

l~e ~VR a.~n Audit ~ecnr~çL~
In one embodi nent, the SSVR 12 audits (i.e., creates an audit trail by writing to an audit or log file) at the comrnand level. For direct cornmands the SSVR 12 audits both the command line and the final status of the command. For trusted commands (secure-attention commands), the SS~R 12 audits both the confirmation display and the fimal status of the command.

To record thc confirmation displays, the SSVR 12 defines a portion of memory to store the strings of information sent by the SSVR
12 to the user's termirlal. In one embodiment, this portion of memory is known as the "sink." Only the strings that comprise the SSVR's confirmation screens are placed in the sink.

Strings may be appended to the sink only when the sink is opened, The sink is opened when the SSVR 12 begins to service a ... . .

, 2~362~ ~

trusted command. The sink m~y be close(~ ~fter the user has responde(l to the confirmation prompt, or before lhe display of certain requested information. The information stored in the sink does not include the user input to any prompts.

The infonnation stored in the sink is maintained for auditing purposes and may be utilized according to traditional auditing practices.

Confi~ ,tion bv Qthers than the Submitting User In some situations it may be desirable for users other than the subrnitting user to con~rm a secure-attention cornmand. ~uch a situation may arise if there is a certain application or cornmand file that includes a privileged command but is needed to be run by a large number of users. In the cases where it may be impracticable to grant all of the users the necessary access rights, it may be possible to grant one user the necessary rights, and to allow him/her to confirm this cornmand for the other users.

Such non-subrnitting user con~lrmation may be accomplished by having the code in the untrusted subject lie about which user is submitting the command. For example, the code in the UOS 20 may ensure that certain comrnands are always sent to the TCB 10 as if they had been submitted by a selected user.

-42- 21~257 One purpose of this select user would be to confirm these certain comrnands for the o~her users. After a non-selec~ user submits one of the certain commands, the selected user will be notiaed that there is a submitted comrnand waiting. The select user may then observe the S confirmation display. If the select user determines that the co~runand submitted was a legitimate command, he/she may confirm the command. Othelw~se, the ori~ginal user's attempt to execute the command fails.

lû ImplementaIiQ~ ~p~Q~hÇs The method for executing trusted com nands described above may be implemented through the use of appropriatc software. The actual design and coding is a matter of routine for those skilled in the art having the benefit of this disclosure. Such a design will of course valy with the hardware platform and other factors associated with the specific desired implementation.

FIG. 5 illustrates one such method for implementing the present invention. A programmable maehine comprises a central processing lmit ~CPU) 21Q and an inputloutput (I/O) device 220. The I/O unit 220 is capable of reading and transmitting stored prograrnming instructions from known storage media 230. The CPU 210 is capable of processing these instructlons and executing the prograrnming steps ~3~s~

represented on media 230. Such systems are well known in the art and will not ~urther be described~

To implement the invention, the necessary programrning steps are stored on storage media 230 by traditional methods. The storage media 230 is then read by the l/O unit Z20 and the programming instructions are transmitted to the CPU 210. The CPU 210 reads and interprets the instructions, and may thereafter carry out the method of the invention.

:

Claims (20)

1. A machine-executable method for executing a trusted command issued by a user, said method comprising the steps of:
(a) parsing the trusted command in an untrusted computing environment to generate a parsed command;
(b) submitting the parsed command to a trusted computing environment;
(c) executing the parsed command in the trusted computing environment;
2. A method including the steps of claim 1 and additionally including the steps, executed after step (b) of claim 1, of:

(1) in the trusted environment, displaying a representation of the parsed command to the user;

(2) receiving a signal from the user signifying whether the displayed representation accurately represents the user's intentions;

(3) if the signal signifies that the displayed representation does not accurately represent the user's intentions, then preventing the performance of step (c) of claim 1.
3. The method of claim 2 wherein the representation of the parsed command is displayed, and the signal from the user is received, through a trusted path.
4. The method of claim 1 wherein the trusted computing environment comprises a security kernel.
5. The method of claim 1 wherein the untrusted computing environment comprises a general operating system.
6. A method for executing in a computing system a trusted command issued by a user, said method comprising the steps of:

(a) receiving user identification data from the user via a trusted path;

(b) receiving the trusted command from the user via an untrusted path;

(c) parsing the trusted command in an untrusted computing environment to generate a parsed command;

(d) submitting the parsed command to a trusted computing environment;

(e) in the trusted computing environment, performing a security check on the parsed command and user identification data; and (f) in the trusted computing environment, executing the trusted command.
7. The method of claim 6, wherein the security check enforces an Orange Book security criterion.
8. A method including the steps of claim 6 and additionally including the steps, executed after step (d) and before step (f) of claim 6, of:

(1) in the trusted environment, displaying a representation of the parsed command to the user;

(2) receiving a signal from the user signifying whether the displayed representation accurately represents the trusted command; and (3) if the signal signifies that the displayed representation does not accurately represent the trusted command, then preventing the performance of step (f) of claim 6.
9. A method including the steps of claim 6 and additionally including the steps, executed after step (d) and before step (f) of claim 6, of:

(1) in the trusted environment, displaying a representation of the parsed command to a second user;

(2) receiving a signal from the second user signifying whether the displayed representation accurately represents a legitimate command; and (3) if the signal signifies that the displayed representation does not accurately represent a legitimate command, then preventing the performance of step (f) of claim 6.
10. A method for ensuring the existence of a trusted path in a computing system comprising the steps of:

(a) in a trusted computing environment, upon login by a user, assigning a process identifier to the user in the trusted computing environment;

(b) storing the assigned process identifier in trusted memory;

(c) establishing a trusted path;

(d) in the trusted path, displaying the process identifier to the user; and (e) upon a subsequent entry into the trusted path, displaying the process identifier to the user.
11. The method of claim 10 wherein the process identifier is a randomly or pseudo-randomly generated group of alphanumeric characters.
12. The method of claim 11 wherein the process identifier is pronounceable.
13. An automatic data processing machine programmed to execute the method of any one of claims 1 to 12.
14. An automatic data processing machine comprising means for performing the method steps of any one of claims 1 to 12.
15. A program storage device readable by a machine and tangibly embodying a representation of a program of instructions adaptable to be executed by said machine to perform the method of any one of claims 1 to 12.
16. Apparatus for executing a trusted command that is issued by a user and that is parsed by untrusted parsing means to generate a parsed command, comprising:

(a) trusted means for receiving the parsed command;
and (b) trusted means for executing the parsed command.
17. Apparatus for controlling the execution by a machine of a trusted command that is issued by a user and that is parsed by untrusted parsing means to generate a parsed command, comprising:

(a) trusted-program storage means, readable by the machine, for causing the machine to receive the parsed command from the untrusted parsing means; and (b) trusted-program storage means, readable by the machine, for causing the machine to execute the parsed command.
18. Apparatus for controlling the execution by a machine of a trusted command that is issued by a user with user identification data and that is parsed by untrusted parsing means to generate a parsed command, comprising:

(a) trusted program storage means, readable by the machine, for causing the machine to receive the user identification data from the user;

(b) trusted program storage means, readable by the machine, for causing the machine to receive the parsed command from the untrusted parsing means;

(c) trusted program storage means, readable by the machine, for causing the machine to perform a security check on the parsed command and a security check on the user identification data; and (d) trusted program storage means, readable by the machine, for causing the machine to executed the trusted command.
19. Apparatus as in claim 18 and additionally comprising:

(1) trusted program storage means, readable by the machine, for causing the machine to display a representation of the parsed command to the user;

(2) trusted program storage means, readable by the machine, for causing the machine to receive a signal from the user signifying whether the displayed representation accurately represents the trusted command; and (3) trusted program storage means, readable by the machine, for preventing the machine from executing the trusted command if the signal signifies that the parsed command does not accurately represent the trusted command.
20. Apparatus as in claim 18 and additionally comprising:

(1) trusted program storage means, readable by the machine, for causing the machine to display a representation of the parsed command to a second user;

(2) trusted program storage means, readable by the machine, for causing the machine to receive a signal from the second user signifying whether the displayed representation accurately represents a legitimate command; and (3) trusted program storage means, readable by the machine, for preventing the machine from executing the trusted command if the signal signifies that the parsed command does not accurately represent a legitimate command.
CA002036257A 1990-02-13 1991-02-13 Method for executing trust-path commands Abandoned CA2036257A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US07/479,666 US6507909B1 (en) 1990-02-13 1990-02-13 Method for executing trusted-path commands
US479,666 1990-02-13

Publications (1)

Publication Number Publication Date
CA2036257A1 true CA2036257A1 (en) 1991-08-14

Family

ID=23904915

Family Applications (1)

Application Number Title Priority Date Filing Date
CA002036257A Abandoned CA2036257A1 (en) 1990-02-13 1991-02-13 Method for executing trust-path commands

Country Status (6)

Country Link
US (4) US6507909B1 (en)
EP (1) EP0443423B1 (en)
AU (1) AU7103191A (en)
CA (1) CA2036257A1 (en)
DE (1) DE69132809T2 (en)
GB (1) GB9103055D0 (en)

Families Citing this family (48)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CA2082146C (en) * 1991-10-29 2005-11-15 Brendan Beahan Communications security and trusted path method and means
US5596718A (en) * 1992-07-10 1997-01-21 Secure Computing Corporation Secure computer network using trusted path subsystem which encrypts/decrypts and communicates with user through local workstation user I/O devices without utilizing workstation processor
SE9603962D0 (en) * 1996-10-30 1996-10-30 Christian Wettergren Device and method of communication
EP1056010A1 (en) 1999-05-28 2000-11-29 Hewlett-Packard Company Data integrity monitoring in trusted computing entity
EP1055990A1 (en) 1999-05-28 2000-11-29 Hewlett-Packard Company Event logging in a computing platform
US7353209B1 (en) * 2000-01-14 2008-04-01 Microsoft Corporation Releasing decrypted digital content to an authenticated path
US6938164B1 (en) * 2000-11-22 2005-08-30 Microsoft Corporation Method and system for allowing code to be securely initialized in a computer
US20020066039A1 (en) * 2000-11-30 2002-05-30 Dent Paul W. Anti-spoofing password protection
GB2372592B (en) * 2001-02-23 2005-03-30 Hewlett Packard Co Information system
GB2372595A (en) * 2001-02-23 2002-08-28 Hewlett Packard Co Method of and apparatus for ascertaining the status of a data processing environment.
GB2372594B (en) * 2001-02-23 2004-10-06 Hewlett Packard Co Trusted computing environment
US6871279B2 (en) * 2001-03-20 2005-03-22 Networks Associates Technology, Inc. Method and apparatus for securely and dynamically managing user roles in a distributed system
GB2378272A (en) * 2001-07-31 2003-02-05 Hewlett Packard Co Method and apparatus for locking an application within a trusted environment
US7783572B2 (en) * 2001-11-27 2010-08-24 Heartland Payment Systems, Inc. Apparatus and method for downloading configuration data to card terminals and for viewing activity at card terminals
CN100565479C (en) * 2003-01-20 2009-12-02 富士通株式会社 Copy preventing apparatus and duplicate the method for preventing
US7370212B2 (en) 2003-02-25 2008-05-06 Microsoft Corporation Issuing a publisher use license off-line in a digital rights management (DRM) system
US6970954B1 (en) * 2003-03-27 2005-11-29 Logicube, Inc. System and method for intercepting and evaluating commands to determine if commands are harmful or benign and to emulate harmful commands
US7620959B2 (en) * 2003-05-12 2009-11-17 Microsoft Corporation Reflection-based processing of input parameters for commands
DE20317062U1 (en) * 2003-11-06 2004-01-15 Siemens Ag Medical device for diagnosis and / or therapy with an operating console for controlling applications
EP1695167A1 (en) * 2003-12-17 2006-08-30 Telecom Italia S.p.A. Method and apparatus for monitoring operation of processing systems, related network and computer program product therefor
US7783891B2 (en) * 2004-02-25 2010-08-24 Microsoft Corporation System and method facilitating secure credential management
US20060242406A1 (en) * 2005-04-22 2006-10-26 Microsoft Corporation Protected computing environment
US8719591B1 (en) 2004-05-14 2014-05-06 Radix Holdings, Llc Secure data entry
US8347078B2 (en) 2004-10-18 2013-01-01 Microsoft Corporation Device certificate individualization
US8336085B2 (en) * 2004-11-15 2012-12-18 Microsoft Corporation Tuning product policy using observed evidence of customer behavior
US8464348B2 (en) * 2004-11-15 2013-06-11 Microsoft Corporation Isolated computing environment anchored into CPU and motherboard
US8176564B2 (en) 2004-11-15 2012-05-08 Microsoft Corporation Special PC mode entered upon detection of undesired state
US7360253B2 (en) * 2004-12-23 2008-04-15 Microsoft Corporation System and method to lock TPM always ‘on’ using a monitor
US8539587B2 (en) 2005-03-22 2013-09-17 Hewlett-Packard Development Company, L.P. Methods, devices and data structures for trusted data
US8438645B2 (en) 2005-04-27 2013-05-07 Microsoft Corporation Secure clock with grace periods
US8725646B2 (en) * 2005-04-15 2014-05-13 Microsoft Corporation Output protection levels
US9363481B2 (en) * 2005-04-22 2016-06-07 Microsoft Technology Licensing, Llc Protected media pipeline
US9436804B2 (en) 2005-04-22 2016-09-06 Microsoft Technology Licensing, Llc Establishing a unique session key using a hardware functionality scan
US20060265758A1 (en) 2005-05-20 2006-11-23 Microsoft Corporation Extensible media rights
US8353046B2 (en) * 2005-06-08 2013-01-08 Microsoft Corporation System and method for delivery of a modular operating system
US7752436B2 (en) * 2005-08-09 2010-07-06 Intel Corporation Exclusive access for secure audio program
US9087218B1 (en) 2005-08-11 2015-07-21 Aaron T. Emigh Trusted path
US7996682B2 (en) * 2005-10-17 2011-08-09 Microsoft Corporation Secure prompting
US20080024450A1 (en) * 2006-07-28 2008-01-31 International Business Machines Corporation A system for command-line keyboard buffer viewing and editing
US20100020971A1 (en) * 2008-07-24 2010-01-28 Richard Hanks Device and Method for a Secure Transaction
US8321916B2 (en) * 2008-12-19 2012-11-27 Intel Corporation Method, apparatus and system for remote management of mobile devices
US8850573B1 (en) * 2010-04-14 2014-09-30 Google Inc. Computing device with untrusted user execution mode
US8621649B1 (en) 2011-03-31 2013-12-31 Emc Corporation Providing a security-sensitive environment
US9396327B2 (en) * 2011-05-16 2016-07-19 D2L Corporation Systems and methods for security verification in electronic learning systems and other systems
US9195838B2 (en) * 2012-07-02 2015-11-24 At&T Intellectual Property I, L.P. Method and apparatus for providing provably secure user input/output
US9246884B1 (en) * 2013-03-14 2016-01-26 Rockwell Collins, Inc. Position-based cryptographic key management system and related method
US10698897B2 (en) 2017-09-25 2020-06-30 Splunk Inc. Executing a distributed execution model with untrusted commands
US10698900B2 (en) * 2017-09-25 2020-06-30 Splunk Inc. Generating a distributed execution model with untrusted commands

Family Cites Families (41)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4005386A (en) 1974-05-21 1977-01-25 Canon Kabushiki Kaisha Clearing system
US3956615A (en) * 1974-06-25 1976-05-11 Ibm Corporation Transaction execution system with secure data storage and communications
GB1561482A (en) 1976-11-18 1980-02-20 Ibm Protection of data processing system against unauthorised programmes
US4227253A (en) 1977-12-05 1980-10-07 International Business Machines Corporation Cryptographic communication security for multiple domain networks
US4405829A (en) * 1977-12-14 1983-09-20 Massachusetts Institute Of Technology Cryptographic communications system and method
US4310720A (en) 1978-03-31 1982-01-12 Pitney Bowes Inc. Computer accessing system
US4218738A (en) 1978-05-05 1980-08-19 International Business Machines Corporation Method for authenticating the identity of a user of an information system
US4253145A (en) 1978-12-26 1981-02-24 Honeywell Information Systems Inc. Hardware virtualizer for supporting recursive virtual computer systems on a host computer system
US4315101A (en) 1979-02-05 1982-02-09 Atalla Technovations Method and apparatus for securing data transmissions
US4488217A (en) 1979-03-12 1984-12-11 Digital Equipment Corporation Data processing system with lock-unlock instruction facility
US4328542A (en) 1979-11-07 1982-05-04 The Boeing Company Secure implementation of transition machine computer
US4442484A (en) 1980-10-14 1984-04-10 Intel Corporation Microprocessor memory management and protection mechanism
JPS57137957A (en) 1981-02-20 1982-08-25 Hitachi Ltd Terminal connection system
US4593353A (en) 1981-10-26 1986-06-03 Telecommunications Associates, Inc. Software protection method and apparatus
US4430728A (en) 1981-12-29 1984-02-07 Marathon Oil Company Computer terminal security system
US4829469A (en) 1982-07-12 1989-05-09 Pitney Bowes Inc. Security system for use with electronic postage meter to prevent lock erasure of data
US4531023A (en) 1982-08-13 1985-07-23 Hlf Corporation Computer security system for a time shared computer accessed over telephone lines
US4754326A (en) 1983-10-25 1988-06-28 Keycom Electronic Publishing Method and apparatus for assisting user of information retrieval systems
US4652990A (en) 1983-10-27 1987-03-24 Remote Systems, Inc. Protected software access control apparatus and method
US4584639A (en) 1983-12-23 1986-04-22 Key Logic, Inc. Computer security system
US4621321A (en) 1984-02-16 1986-11-04 Honeywell Inc. Secure data processing system architecture
US4669043A (en) 1984-02-17 1987-05-26 Signetics Corporation Memory access controller
US4751669A (en) 1984-03-30 1988-06-14 Wang Laboratories, Inc. Videotex frame processing
US4677546A (en) 1984-08-17 1987-06-30 Signetics Guarded regions for controlling memory access
US4799153A (en) 1984-12-14 1989-01-17 Telenet Communications Corporation Method and apparatus for enhancing security of communications in a packet-switched data communications system
US4754395A (en) 1985-05-06 1988-06-28 Computer X, Inc. Network interface module with minimized data paths
US4677670A (en) 1985-07-01 1987-06-30 Henderson Jr Paul B Paired-secure message identification controller for computers and the like
US4797853A (en) 1985-11-15 1989-01-10 Unisys Corporation Direct memory access controller for improved system security, memory to memory transfers, and interrupt processing
US4799061A (en) 1985-11-18 1989-01-17 International Business Machines Corporation Secure component authentication system
US4742447A (en) 1986-01-16 1988-05-03 International Business Machines Corporation Method to control I/O accesses in a multi-tasking virtual memory virtual machine type data processing system
US4794515A (en) 1986-01-17 1988-12-27 International Business Machines Corporation Protection of data in a multiprogramming data processing system
US4771461A (en) 1986-06-27 1988-09-13 International Business Machines Corporation Initialization of cryptographic variables in an EFT/POS network with a large number of terminals
US4748668A (en) 1986-07-09 1988-05-31 Yeda Research And Development Company Limited Method, apparatus and article for identification and signature
US4858117A (en) 1987-08-07 1989-08-15 Bull Hn Information Systems Inc. Apparatus and method for preventing computer access by unauthorized personnel
US4918653A (en) 1988-01-28 1990-04-17 International Business Machines Corporation Trusted path mechanism for an operating system
US4945468A (en) 1988-02-01 1990-07-31 International Business Machines Corporation Trusted path mechanism for virtual terminal environments
US4885789A (en) * 1988-02-01 1989-12-05 International Business Machines Corporation Remote trusted path mechanism for telnet
DE3803230C1 (en) 1988-02-04 1989-03-16 Benz & Hilgers Gmbh, 4000 Duesseldorf, De
US4926476A (en) 1989-02-03 1990-05-15 Motorola, Inc. Method and apparatus for secure execution of untrusted software
US4962533A (en) 1989-02-17 1990-10-09 Texas Instrument Incorporated Data protection for computer systems
US5073933A (en) * 1989-12-01 1991-12-17 Sun Microsystems, Inc. X window security system

Also Published As

Publication number Publication date
US7036022B1 (en) 2006-04-25
DE69132809T2 (en) 2002-05-29
US6507909B1 (en) 2003-01-14
US20050097354A1 (en) 2005-05-05
DE69132809D1 (en) 2001-12-20
EP0443423A2 (en) 1991-08-28
GB9103055D0 (en) 1991-03-27
US6871283B1 (en) 2005-03-22
AU7103191A (en) 1991-08-15
EP0443423A3 (en) 1993-04-21
EP0443423B1 (en) 2001-11-14

Similar Documents

Publication Publication Date Title
US7036022B1 (en) Verification of trusted-path commands
US7437766B2 (en) Method and apparatus providing deception and/or altered operation in an information system operating system
US5347578A (en) Computer system security
US7296274B2 (en) Method and apparatus providing deception and/or altered execution of logic in an information system
KR910005995B1 (en) Method of protecting system files and data processing system
Gasser Building a secure computer system
US8925090B2 (en) Methods, systems, and media for detecting and preventing malcode execution
Curry UNIX system security
Long et al. The CERT Oracle Secure Coding Standard for Java
US6779117B1 (en) Authentication program for a computer operating system
US7490072B1 (en) Providing access controls
US7350067B2 (en) Bios security management
Landwehr et al. A taxonomy of computer program security flaws, with examples
US20070130620A1 (en) Method, computer arrangement, computer program and computer program product for checking for the presence of control statements in a data value
US7523488B2 (en) Method for performing data access transformation with request authorization processing
US7134017B2 (en) Method for providing a trusted path between a client and a system
RU2134931C1 (en) Method of obtaining access to objects in operating system
Jiang et al. Tracing worm break-in and contaminations via process coloring: A provenance-preserving approach
CN112464176A (en) Authority management method and device, electronic equipment and storage medium
US20080133714A1 (en) Eagleeyeos zone: method of control of separation technology of file sharing for network computers
Bishop Reflections on UNIX Vulnerabilities
Ramasubramanian et al. An active rule based approach to database security in e-commerce systems using temporal constraints
CN111209580A (en) Method, system and medium for isolating shared user environment based on mandatory access control
Hilchie A trusted path design and implementation for security enhanced linux
Jajodia et al. Basic security concepts

Legal Events

Date Code Title Description
FZDE Dead