Operating systems offer unique insights into how to write complex software securely. In this presentation, I look at how different security-focused operating systems approach security and what their approaches mean for security students.
Key Take-aways
- Adhering to good software development practices reduces risk
- Reducing complexity and focusing on the best technical solutions lead to a smaller attack surface and better-understood systems
- The deep integration of hardware, applications, and operating systems leads to a highly trusted environment
- Security is a trade-off with other priorities, and a fair balance is needed to produce viable software
Sources
- https://jamsek.dev/posts/2019/Oct/14/openbsd-secure-by-default/
- https://jamsek.dev/posts/2019/Oct/09/openbsd-clean-correct-code-by-default/
- https://marc.info/?l=openbsd-misc&m=156367720708049
- https://blackberry.qnx.com/en/ultimate-guides/what-is-real-time-operating-system
- https://www.qnx.com/developers/docs/7.1/
- https://kp4-cdn.samsungknox.com/resource/Samsung%20Knox%20Security%20Handbook_bx4Z.pdf
- https://www.openbsd.org/papers/akqit06
- https://www.cisco.com/c/dam/en_us/about/doing_business/trust-center/docs/trustworthy-technologies-datasheet.pdf
Disclaimer
This presentation and page are subject to the disclaimers at beave.rs/disclaimer.
Corrections
No corrections have been issued at this time.