Operating System Security

Operating Systems offer unique insights into how to write complex software securely. In this presentation, I look at how different security-focused operating systems approach security, and take a look at what their approaches mean for security students.

Key Take-aways

• Adhering to good software development practices reduces risk
• Reducing complexity and focusing on the best technical solutions leads to a smaller attack surface and better understood systems
• The deep integration of hardware, applications, and operating systems leads to highly trusted environment
• Security is a trade off with other priorities, and a fair balance is needed to produce viable software

Sources

• https://jamsek.dev/posts/2019/Oct/14/openbsd-secure-by-default/
• https://jamsek.dev/posts/2019/Oct/09/openbsd-clean-correct-code-by-default/
• https://marc.info/?l=openbsd-misc&m=156367720708049
• https://blackberry.qnx.com/en/ultimate-guides/what-is-real-time-operating-system
• https://www.qnx.com/developers/docs/7.1/
• https://kp4-cdn.samsungknox.com/resource/Samsung%20Knox%20Security%20Handbook_bx4Z.pdf
• https://www.openbsd.org/papers/akqit06
• https://www.cisco.com/c/dam/en_us/about/doing_business/trust-center/docs/trustworthy-technologies-datasheet.pdf

Disclaimer

This presentation and page are subject to the disclaimers at beave.rs/disclaimer.

Corrections

No corrections have been issued at this time.