Supporting a Trusted Path for the LINUX operating system

Abstract

The existence of Trojan horses, viruses, and other malicious software has motivated the computer security industry to invent mechanisms that protect against malicious software. One such mechanism is called the Trusted Path. The Trusted Path provides a way for the system to authenticate itself to the user. Once invoked, the Trusted Path provides an environment in which the user can perform trusted operations such as login, logout, and change password. This thesis provides a high level design for a Trusted Path and an in depth analysis of how a Trusted Path can be implemented in the Linux operating system. Research of process family creation and keyboard handling has led to the implementation of a Secure Attention Key that can be used to invoke a Trusted Path in Linux. This research is meant to be used in combination with other efforts to enhance the Linux operating system as an inexpensive platform for instruction on computer security policies.