Heralding a security strategy of infinite access through technology, Sun advocates integrating security into existing infrastructure while having it remain invisible to users and managers. Sun's operating systems are no exception, as evidenced by the security enhancements in the SolarisTM 10 Operating System (Solaris OS).

There are five key technologies integrated in the Solaris 10 OS to protect enterprises from internal and external attacks while reducing the cost of management and protecting existing investments, according to an article by Ravi Iyer, group manager for Security in the Systems Software Marketing group at Sun.

N1 Grid Containers

The proliferation of systems is reduced through multiple execution environments within a single Solaris OS instance, which enforces security isolation, resource isolation and fault isolation.

• Security Isolation: N1TM Grid Containers are shielded from the outside world and the tenants of a container are assured that no other users of a container on the same system can "see" what they are doing, or derive or compromise information.

• Resource Isolation: N1 Grid Containers are not allowed to exceed preassigned limits in a given pool.

• Fault Isolation: A fault or a process in one container does not adversely affect processes running in other containers.

Process Rights Management

A more granular privilege use model helps developers and system administrators ensure that application vulnerabilities cannot be exploited and cause widespread system damage.

User Rights Management

Higher levels of granularity than in Solaris 8 OS and Solaris 9 OS are available in the RBAC technology, which mitigates attacks from trusted insiders.

Automated Patch Tool

Verifies the integrity of signed patches, allowing for easy patch removal and restoration that is essential for ensured security.

Solaris OS Cryptographic Framework

The ability to hide the complexity of cryptographic functions that are implemented in hardware or software, from the applications. Based on the industry accepted PKCS#11 standard, this function enhances performance and centralizes management of cryptographic operations.

Iyer concludes that "Innovation in rights management for processes and users, N1 Grid Containers, cryptographic infrastructure with already strong features in authentication and access control has the potential to make Solaris 10 the most secure operating platform in the market."

To read more about Solaris 10 OS security enhancements, go to:

http://www.securityfocus.com/infocus/1776 [...read more...]

From the latest issue:

Recent Blog Entries as of July 4, 2009, 8:30 am
'Managing ZFS File Systems in Solaris Containers' Demonstrating Out-of-the-box Performance Gains with memcached-1.3.1 The Father of Java on His Progeny's Future Patch Checked Advanced (PCA) - Solaris OS Patch Management Utility VirtualBox 3.0 Released	Doing a Mobile Install of OpenSolaris and VirtualBox on a Laptop Latest Support and Key Features of Solaris Cluster for SAP NetWeaver Stack Solaris News Bites White Paper: Getting Ahead of The Trend in the Mobility Market Intel Xeon 5500 Processor Series on OpenSolaris, Solaris, and Linux
Blog RSS Feed