Integrity OS to be Released Commercially

The Integrity Operating System, an OS with the highest security rating from the National Security Agency (NSA) and used by the military, will now be sold to the private sector by Integrity Global Security, a subsidiary of Green Hills Software. The commercial operating system will be based on the Integrity 178-B OS, which was used in the 1997 B1B Bomber and afterwards in F-16, F-22 and F-35 military jets. It is also used in the Airbus 380 and Boeing 787 airplanes[1].

The Integrity 178-B OS has been certified EAL6+ (Evaluation Assurance Level 6) by the NSA and is, for now, the only OS to have achieved this level of security. Most commercial operating systems, such as Windows and Linux distributions, have an EAL4+ certification. The EAL is a certification that indicates the degree of security of the operating system. Level 1 is about applications that have been tested but where a security breach would not incur serious threats. Level 7, the highest level, covers applications strong enough to resist a high risk of threats and withstand sophisticated attacks. Only one application has a level 7 certification: the Tenix Data Diode by Tenix America[2].

The Integrity OS can run by itself or with other operating systems on top, such as Windows, Linux, MacOS, Solaris, VxWorks, Palm OS and even Symbian OS. Each OS runs in its own partition, which limits any failures and security vulnerabilities to that OS only.

| Product | Type | Protection Profile | Security Level |
|---|---|---|---|
| INTEGRITY | Operating System | SKPP | EAL 6+ |
| Linux | Operating System | CAPP, LSPP | EAL 4+ |
| PR/SM LPAR Hypervisor | Virtualization | Custom | EAL 5 |
| SELinux | Operating System | Not evaluated | EAL 4+ |
| Solaris (and Trusted Solaris) | Operating System | CAPP, LSPP | EAL 4+ |
| STOP OS | Operating System | CAPP, LSPP | EAL 5 |
| VMware | Virtualization | Custom | EAL 4+ |
| Windows Vista | Operating System | Not evaluated | EAL 4+ |
| Windows XP | Operating System | CAPP | EAL 4+ |
| Xen | Virtualization | Not evaluated | EAL 4+ |

Main Operating Systems with the type of protection profile used and the assigned EAL[3]

The main feature of the Integrity OS is the use of the Separation Kernel Protection Profile (SKPP). A protection profile (PP) is a document used by the certification process that describes the security requirements for a particular problem. The SKPP is a standard developed by the NSA that defines the requirements for a high-robustness operating system, based on John Rushby’s concept of the separation kernel. This concept can be summarized as:

… a single-processor model of a distributed system in which all user processes are separated in time and space from each other. In a distributed system, the execution of each process takes place in a manner independent of any other[4]

Basically, the concept is about a computer simulating a distributed environment in which each process is independent from the others. This prevents a corrupted or breached application from inadvertently giving access to restricted resources, as is often the case with privilege escalation in other commercial OSes.

Schema of the Integrity 178B Operating System

What makes the SKPP standard so secure is that it requires a formal method of verification during development. Furthermore, the source code is examined by a third party, in this case the NSA.

SKPP separation mechanisms, when integrated within a high assurance security architecture, are appropriate to support critical security policies for the Department of Defense (DoD), Intelligence Community, the Department of Homeland Security, Federal Aviation Administration, and industrial sectors such as finance and manufacturing.[5]

Of course, the OS might be conceived for security and toughness, but in the end, it all depends on how it is used and configured… That’s going to be the real test. As far as I believe the people who verified the OS are competent, and all the expensive tests the company has paid to check their operating system are rigorous, the real exam would be to release it in the wild so that hackers from all around the world can have a try at it. Hopefully, we might be able to play with this OS someday…

See also:

“U.S. Government Protection Profile for Separation Kernels in Environments Requiring High Robustness”, Information Assurance Directorate, June 29, 2007

“Formal Refinement for Operating System Kernels, Chapter 4 p. 203-209”, Iain D. Craig, Springer London, Springer Link, July 2007

“Separation kernel for a secure real-time operating system”, Rance J. DeLong, Safety Critical Embedded Systems, February 2008, p.22

“Controlled Access Protection Profile”, Information Systems Security Organization, National Security Agency, October 8, 1999


[1] “Secure OS Gets Highest NSA Rating, Goes Commercial”, Kelly Jackson Higgins, DarkReading, November 18, 2008, http://www.darkreading.com/security/app-security/showArticle.jhtml?articleID=212100421 (accessed on November 19, 2008)

[2] “TENIX Interactive Link solutions”, TENIX America, http://www.tenixamerica.com/images/white_papers/datasheet_summary.pdf (accessed on November 19, 2008)

[3] “The Gold Standard for Operating System Security: SKPP”, David Kleidermacher, Integrity Global Security, 2008, http://www.integrityglobalsecurity.com/downloads/SKPPGoldenStandardWhitePaper.pdf (accessed on November 19, 2008)

[4] “Formal Refinement for Operating System Kernels”, Iain D. Craig, Springer London, Springer Link, July 2007, p. 203

[5] “U.S. Government Protection Profile for Separation Kernels in Environments Requiring High Robustness”, Information Assurance Directorate, June 29, 2007, p.10

International Monetary Fund Infected With Spyware

According to a misleading and pretty much unrelated article, FOX News reports that the International Monetary Fund (IMF) network has been infected by spyware[1]. The IMF denies any security breach or critical intrusion problems.

The article goes on to discuss various topics such as the financial crisis and the cyber security of the new president-elect, and even describes spyware as “software that is secretly installed on a computer to intercept information or take control of the system”, which is partially wrong, as spyware doesn’t necessarily imply control of the computer, and as far as I know, spyware can come bundled with software, and that doesn’t mean it’s secretly installed. It does, however, intercept information, but that could be information about surfing habits. No information is given about the data collected or the type of spyware detected, but, still according to FOX, “cyber-hackers” would be the cause…

The report goes on to write about Chinese attempts to develop cyber warfare capacities, which is not related, and does not give any concrete information about the alleged “security breach” at the IMF. FOX News cites a spokesman, Bill Murray, saying precautions had been implemented, but didn’t report anything about an “intrusion”:

“There was no lockdown as far as I’m aware” says Murray. “I’m not aware of any major breaches, but enhanced security measures have been taken.”

Therefore, be suspicious about this story, as it seems widely over-exaggerated by FOX News. I’m not quite sure the author really knows what he’s talking about…


[1] “Cyber-Hackers Break Into IMF Computer System”, Richard Behar, FOX News, November 14, 2008, http://www.foxnews.com/story/0,2933,452348,00.html (accessed on November 17, 2008)

New Cyber Attack on the Way

A new SQL Injection tool is being used to conduct a mass cyber attack on various servers across the net. It has already attacked websites such as Travelocity.com, countyofventura.org and missouri.edu[1]. Websense has observed around 1200 servers from Europe, Asia and the U.S containing the injection.

“Websites being hacked and links placed on them that lead to malicious servers. We’re estimating that in the last two days alone, between 2000 and 10,000 servers, mainly Western European and American ones, have been hacked. It’s not yet clear who’s doing this.”[2] says an analyst from Viruslist.com.

The targeted websites are usually running an ASP engine and are hacked by using stolen accounts or SQL injections. The injection adds a JavaScript line at the end of the page: <script src=http://<domain>/h.js>, where <domain> is a domain redirecting to another server called wexe.com. Kaspersky Lab, which first reported the attack[3], has identified 6 of those domains:

  • armsart.com
  • acglgoa.com
  • idea21.org
  • yrwap.cn
  • s4d.in
  • dbios.org

These servers will retrieve a JavaScript file (h.js) from a Chinese server called wexe.com, which will try various exploits against the victims. If a working one is found, it will install a variety of Trojans that will try to download even more downloaders and steal World of Warcraft accounts and other private information. All that is done without the user’s knowledge, and could be done from legitimate websites.

Don Jackson, director of threat intelligence for SecureWorks, says that his team is currently in talks with the developers of the tool in order to get a copy and reverse-engineer it. Jackson claims that the attack looks like the one used by the Asprox botnet, but is less aggressive and stealthier. The tool also uses a digital rights management (DRM) system.
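For site owners checking their own pages or exported database text for the injected include described above, a small scanner can flag external script tags, as an added example that is not from the original post or from Kaspersky Lab. The function names, the trusted-host list and the sample page are assumptions made for illustration; only the six domains and the unquoted `<script src=...>` form come from the post.

```python
import re
from urllib.parse import urlparse

# Domains the post lists as hosting the injected h.js include.
REPORTED_DOMAINS = {"armsart.com", "acglgoa.com", "idea21.org",
                    "yrwap.cn", "s4d.in", "dbios.org"}
# <script ... src=VALUE>, where VALUE is double-quoted, single-quoted or bare.
SCRIPT_SRC = re.compile(
    r"""<script\b[^>]*?\ssrc\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+))""",
    re.IGNORECASE)

def host_of(src):
    """Lowercase host of an absolute or protocol-relative URL, else None."""
    if src.startswith("//"):
        src = "http:" + src
    try:
        host = urlparse(src).hostname
    except ValueError:  # malformed URL, e.g. a broken IPv6 literal
        return None
    return host.lower() if host else None

def in_domains(host, domains):
    # True if host equals one of the domains or is a subdomain of one.
    return any(host == d or host.endswith("." + d) for d in domains)

def scan_page(html, trusted_hosts):
    """Report script includes that load from hosts outside trusted_hosts."""
    findings = []
    body_end = html.lower().rfind("</body>")
    for m in SCRIPT_SRC.finditer(html):
        src = next(g for g in m.groups() if g is not None)
        host = host_of(src)
        if host is None or in_domains(host, trusted_hosts):
            continue  # relative path, or a host the site owner trusts
        reasons = ["external-host"]
        if in_domains(host, REPORTED_DOMAINS):
            reasons.append("reported-domain")
        if m.group(3) is not None:
            reasons.append("unquoted-src")  # the form shown in the post
        if body_end != -1 and m.start() > body_end:
            reasons.append("after-body-close")  # appended at the page end
        findings.append({"host": host, "src": src, "reasons": reasons})
    return findings

SAMPLE_PAGE = (  # constructed sample, not taken from an affected site
    '<html><body><script type="text/javascript" src="/js/site.js"></script>'
    '<script src="https://cdn.example.net/lib.js"></script>'
    '<p>Fares</p></body></html>'
    '<script src=http://armsart.com/h.js></script>')
```

Calling `scan_page(SAMPLE_PAGE, {"cdn.example.net"})` returns one finding, for the include appended after the closing body tag. The same function can be run over text columns exported from the site's database, since the injection writes the tag into stored content.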


[1] “Relentless Web Attack Hard To Kill”, Kelly Jackson Higgins, DarkReading, November 11, 2008, http://www.darkreading.com/security/attacks/showArticle.jhtml?articleID=212001872 (accessed on November 12, 2008)

[2] “Big Chinese Hack 2?”, Viruslist.com, http://www.viruslist.com/en/weblog (accessed on November 13, 2008)

[3] Ibid.

Survey Points to Energy Sector at Risk of Cyber Attacks

A survey of 200 leaders from the critical infrastructure industries revealed that the energy sector is the most likely to be the victim of a cyber attack. The survey, completed by IDC, was conducted in August and October in Canada, the U.S. and Europe[1].

According to the survey, the reasons for this are cost, apathy and government bureaucracy. Also, industries are adding more and more possible access points to the internal network by connecting new sensors, meters and other equipment to their networks.

Percentage of respondents prepared and not prepared by industry sectors

Of course, energy industry networks are valuable targets, and would probably be the first victims in the case of a full-scale cyber attack. And as the events of 2003 showed[3], only a few power plants need to go down in order to create chaos across a wide region.

If cost is the main reason to wait before securing networks, security is not likely to be among the priorities of managers during the economic crisis that’s coming on the horizon. Unfortunately, those who take the risk of not hardening their security now may pay the price later… And according to Rick Nicholson, research vice president for IDC’s Energy Insights:

“Most utility CIOs [chief information officers] believe that their companies will be compliant with relevant standards, but still have a long way to go before being adequately prepared for all cyber attacks.”

Another interesting point: all this news comes right after a new president-elect enters the Whitehouse… see Whitehouse Hacked by Chinese Several Times, Both U.S Presidential Campaigns Hacked.


[1] “Survey: Critical infrastructure risks cyber attack”, Miya Knights, IT PRO, November 10, 2008, http://www.itpro.co.uk/608067/survey-critical-infrastructure-risks-cyber-attack (accessed on November 11, 2008)

[2] “Energy industry at risk of cyberattack, survey says”, Elinor Mills, November 11, 2008, http://news.cnet.com/8301-1009_3-10094382-83.html?part=rss&tag=feed&subj=News-Security (accessed on November 11, 2008)

[3] “Blackouts cause N America chaos”, BBC News, August 15, 2003,  http://news.bbc.co.uk/2/hi/americas/3152451.stm (accessed on November 11, 2008)

Romanian Programmer Convicted of Hacking U.S Navy, NASA and Dept. of Energy

Victor Faur, a Romanian accused of hacking the U.S Navy, NASA and Department of Energy systems between 2005 and 2006, has been found guilty of illegally breaking into computer systems.

Victor Faur, found guilty of hacking into NASA, Dept. of Energy and U.S. Navy systems

At the end of a 10-month trial, the 28-year-old computer programmer received a 16-month suspended prison sentence and will have to pay 230 000$ to the 3 organizations. Victor Faur will have to pay 214,200 dollars to NASA, 15,032 dollars to the US Department of Energy and some 8,856 dollars to the US Navy[1].

Faur told the audience that he hacked into the system to expose the flaw, as he was part of a group called the “White Hat” team[2].

It is still unknown if Faur will face the same fate as British hacker Gary McKinnon[3], who is fighting extradition to the U.S. At the beginning of the trial, Thom Mrozek, the U.S attorney’s spokesman, said that the hacker would face a trial in Los Angeles after the Romanian trial. If convicted in a US court, he could end up in jail for 54 years.

See also:

“US Navy hacker avoids Romanian jail”, John Leyden, The Register, November 11, 2008, http://www.theregister.co.uk/2008/11/11/us_navy_hack_sentencing/ (accessed on November 11, 2008)


[1] “Romanian Victor Faur receives suspended sentence for illegally accessing NASA files”, HotNews, November 6, 2008, http://english.hotnews.ro/stiri-top_news-5072386-romanian-victor-faur-sentenced-prison-time-for-illegally-accessing-nasa-files.htm (accessed on November 11, 2008)

[2] “Romanian NASA hacker gets suspended sentence”, Associated Press, November 10, 2008, http://ap.google.com/article/ALeqM5hfpRlmAltvPNjKBY6nCLqoRg-26AD94C54SG1 (accessed on November 11, 2008)

[3] “‘Hacker’ extradition case reopens”,  BBC News, February 14, 2006, http://news.bbc.co.uk/2/hi/uk_news/4712700.stm (accessed on November 11, 2008)