SecureDesktop
SecureDesktop
(SD) is a security-system for OS/2-Warp 3, Warp 4 and WarpServer
for e-Business computers with installed security option (SES).
It enables every user to
work on his own desktop, with his own folders and icons. This is
called serial multiuser-desktop - on UNIX there is the same
mechanism.
Later,
when the CLA is ready, it will be possible to use your own desktop
an every computer in a network - this will work independend from
network-protocol!
Additional
SecureDesktop will bring security level C2 for user files
and security level B1 for system-files to OS/2.
SD consists of several
modules. Currently the modules for UIA and SLA are ready and
available.
|
|
|
|
User
Identification Authority |
The User Identification Authority UIA checks whether the user datas are correct. If they are correct the SLA is enabled else the system is blocked. |
|
System Logon
Authority |
The System Logon Authority SLA is responsible for creating a client user handle. This handle is unique in the system. It also starts the WPS when the all user security contexts are created. After this actions is successful the CLA is started - if it is possible. |
|
Client Logon Authority |
The Client Logon Authority CLA can work as single-sign-on coordinator. It distributes all user informations over a network and loggs on or off the user on every server. |
|
Access Control Authority |
The Access Control Authority ACA regulates the access controls, for example file-access. BUT to write an ACA you must be very fit in programming because you work on kernel level! |
|
Remote Logon Authority |
The Remote Logon Authority RLA enables you to watch all login-procedures and then it gives every user an security-context. |
|
Attention |
All this "autorities are very difficult to program, because some of this functions work in the kernel space. If there is an error you will get a trap. |
|
|
|
|
File Access Control |
Controlling the access for files, directories, drives and devices (devices are part of the file-system) |
|
Distributed WPS |
The user has access to his own WPS everywhere in the network |
|
Security Levels |
For each user security level C2 is build up, but for system-files I will built up security-level B1 |
|
Trusted Applications |
Applications do not have any rights to access system-files like CONFIG.SYS, OS2SYS.INI and so on. Only the administrator will set access rights to special applications that want to manipulate the system-files (e.g. INI-Editors) |
|
Remote Login |
I want to create remote login services which control things like DialUp and Network-Logon. This services will work either with TCP/IP and/or with NetBIOS/IPX |
|
Services Manager |
The services manger controls processes which are running unvisible in the background. The services manager shopws a graphical user interface which enables the administrator to start, stop or suspend this processes. It will also watch over the LAN-Server/Peer-Services and the IP-Services. |
|
Symbolic File-Links |
Linkage of Files or Directories over the whole space that an OS/2-Network can access (like UNIX). This will be controlled from the WPS (creation of WPShadow-Objects) |
|
Your computer should have enough memory either on harddisk or in RAM. I calculate 2 MB for each user and 2 MB for SecureDesktop itself. |
|
|
|
|
|
Private Users |
up to three
computers free |
|
Commercial Users |
for each computer
DM 40,- |
|
Updates,
|
up to version 2.0 costfree! |
|
Where
can I get it? |
|
|
securedesktop german |
german version of SecureDesktop |
|
securedesktop english |
english version of SecureDesktop |
|
info german |
infotext in german language |
|
info english |
infotext in english language |
|
(Please type the subject correctly, because I use filters on my email-client to sort in the orders - THANKS) |
|