Sun unveils Trusted Solaris update
- By John Monroe
- Jul 20, 1997
Sun Microsystems Inc. last week introduced a new version of its Trusted Solaris operating system updating the software to support a much broader sweep of applications and to run on much of Sun's most current hardware offerings.
With Trusted Solaris 2.5 Sun is trying to reduce the compromises its customers must make to install multilevel secure (MLS) workstations or servers.
Like its predecessor - Version 1.2 - the new version of Trusted Solaris can be customized to meet C2 B1 or Compartmented Mode Workstation (CMW) security requirements as defined by the National Security Agency.
However unlike Version 1.2 Trusted Solaris 2.5 is based on the most recent generation of the standard Solaris operating system. Because Version 1.2 was based on an older operating system it could not run on 64-bit UltraSPARC workstations or servers.
Also Version 1.2 because of its underlying security architecture could run only a limited set of off-the-shelf applications. The new release will run most Solaris applications unmodified as long as they do not access or modify the Unix kernel or override other system protocols or interfaces according to Sun. For example Trusted Solaris users now can run Netscape Communications Corp. software at multiple levels of security.
Trusted Solaris Version 1.2 forced users to be "one generation behind" the most current technology said John Leahy group manager at Sun Microsystems Federal Inc. "This product brings MLS and CMW right up to the latest commercial technology it takes that gap and compresses it significantly."
The new product comes standard with a security-enhanced version of the Common Desktop Environment graphical user interface which is becoming the industry standard for Unix systems.
The product also includes a trusted version of the Solstice AdminSuite for centralized system management. Both products work the same as their commercial counterparts but they are designed to work within Trusted Solaris security parameters. "We really tuned it to be as usable as we could " said Joe Alexander product line manager for Trusted Solaris at Sun Federal.
Trusted Solaris 2.5 supports such features as mandatory access control in which data of different security classifications - such as secret and top-secret - can be stored on the same file system by allowing access only to authorized users.
Security administrators also can create security profiles that define access to specific tools and commands and assign those profiles to selected individuals or groups of users. Security administrators also can limit end-user access to particular classes of data.
Additionally Trusted Solaris' use of "trusted roles" ensures that a systems administrator cannot take any action that violates policies established by the security administrator according to Sun. It prevents the creation of a "superuser" with unlimited administrative authority.
Database vendor Oracle Corp. has a large installed base of customers using Trusted Solaris and Trusted Oracle. and the company looks forward to being able to move those customers to Sun's newest platforms said Tim Ehrsam director of business development for security products at Oracle.
"We have been able to make some good solutions for our customers by combining [our trusted software] " Ehrsam said. "Now it's really coming to a fruition where we can come together with our latest and greatest and their latest and greatest [technology] " he said.
Other vendors agreed.
"We are really looking forward to working with the new product " said Mike Burgoon president of Trusted Computer Solutions a Herndon Va. company that specializes in security engineering. TCS makes such products as the Ops/Intel Workstation which runs the Defense Department's Joint Deployable Intelligence Support System software in a CMW mode.
While much of DOD has been moving to the current Solaris environment TCS has been unable to migrate its applications because of the limits of Trusted Solaris 1.2 Burgoon said. TCS plans to port at least four products to the new operating system he said.
Trusted Solaris costs $349 per desktop or $3 395 for a server version. However as part of a special promotion the software will cost only $149 for a desktop or $1 395 for a server. Sun plans to submit Trusted Solaris 2.5 for a B1+ evaluation by the end of the year Alexander said.