A message to the Linux community from Maximiliano Cristia . . .

GIDIS Trusted Linux is a security-enhanced version of Linux which descends from Lisex. Lisex is a multilevel security (MLS) prototype of Linux developed by GIDIS from National University of Rosario (Argentina). GIDIS Trusted Linux has been developed with a great deal of Formal Methods.

Recently, the economic support given by our sponsor has finished. Therefore, the R&D Group on Software Engineering (GIDIS) is now searching for partners, investors, sponsors, or funding institutions interested in supporting the GIDIS Trusted Linux project. Any kind of support is welcome, including grants, subsidies, computer equipment, etc. In return, GIDIS offers to share any economic benefit originated in marketing GIDIS Trusted Linux as well as any industrial patent derived from it. Also, we want to enter into relations with other R&D groups on software engineering, computer security, or formal methods. If you are interested in this proposal please contact Maximiliano Cristiá. (Note: Some Lisex documentation is currently available in Spanish only. Near future versions of the documentation will be released in English, as well.)

Below, there is a review of the key aspects of the GIDIS Trusted Linux project and some useful information related to it.

Researchers and developers at GIDIS have reached all these Lisex's goals

• to modify the Linux file system in order to include multi-level secure controls
  
• to provide to the public domain a prototype featuring the essential system capabilities
  
• intensive use of Formal Methods during development
  
• to point out the most problematic disadvantages of multi-level implementations (in terms of usability) in order to avoid them on the development of GIDIS Trusted Linux.

Frederick Brooks says: “plan to throw one away; you will, anyhow”. Lisex is just a prototype. GIDIS personnel has learned a lot while building Lisex. GIDIS Trusted Linux will feature all Lisex's capabilities plus some key enhancements that will make it an appealing industry option for secure operating systems.
GIDIS team and more on GIDIS Trusted Linux

The GIDIS team is formed by a group of young researchers with lot of flesh and exciting ideas. Moreover, this young team have undoubtedly demonstrated its technical skills. They have successfully applied Formal Methods to specification, verification, implementation and testing of Lisex. Despite the fact that Lisex shares many of the problems of traditional MLS implementations, we strongly believe that the team's ideas will lead to a version of GIDIS Trusted Linux that overcomes the main problems regarding usability. Also these ideas will guarantee the reliability of the development process and the product itself with formal methods. We also believe this is a very good high tech business opportunity for those interested on supporting innovative projects.

To summarize these ideas, we could say that the main disadvantage of MLS implementations is that they are unnecessarily restrictive. This systems tend to reduce their usability making everyday tasks a nightmare. We have noticed the root of a number of restrictions and developed solutions to each of them. Thus, implementing them will take the resulting system to its highest level of usability without leaving the MLS model. These solutions and ideas are described in a white paper; please, contact us for a copy of it.

Incorporating these new ideas into a UNIX-like operating system kernel (Linux, BSD, or any proprietary version), will yield a new MLS implementation with a huge applicability to the industry because:

• it will be compatible with almost all application software; (i.e. it will be unnecessary to modify or adapt most of the applications);
  
• an unusual level of usability for MLS implementations will be reached;
  
• it will enforce an MLS security policy featuring great resistance against confidentiality attacks performed by means of Trojan horses;
  
• it will have a performance just below that of any non-MLS implementation;
  
• it will be developed with an intensive use of Formal Methods that greatly increase system reliability and correctness, and clear the way to the highest Common Criteria accreditation levels.

In order to develop GIDIS Trusted Linux, the group needs this kinds of resources:

• scholarships, grants, investments, etc. which will allow us to preserve the highly skilled technical group that was able to develop its predecessor (Lisex);
  
• computer equipment (PCs, servers, printers, communication devices, etc.) which will allow us to work faster and more efficiently;
  
• physical facilities, accommodations, etc. which will allow us to increase the number of team members;
  
• Internet connexion service, books, translation services, subscriptions to specialized magazines and journals.

GIDIS offers to share with all kinds of investors GIDIS Trusted Linux's patent and/or any other profit which could come from sales and/or services based in this product or its derivatives.

If you or your organization are interested in this proposal we encourage you to contact us: [email protected] or [email protected] .

Maximiliano Cristiá
GIDIS Leader
[email protected]
R+D Group on Software Engineering
Computer Science Department
Engineering Faculty
National University of Rosario
Rosario – Argentina

References:

• GIDIS
• Lisex
• GIDIS Trusted Linux

 
This article was originally published on LinuxDevices.com and has been donated to the open source community by QuinStreet Inc. Please visit LinuxToday.com for up-to-date news and articles about Linux and open source.