TrustedBSD

The TrustedBSD project provides a set of trusted operating system extensions to the FreeBSD operating system, targeting the Common Criteria for Information Technology Security Evaluation (see also TCSEC). This project is still under development, and many of these trusted extensions have been integrated into the FreeBSD 5.x current development track.

The main focuses of the TrustedBSD project are working on access control lists, event auditing, extended attributes, fine-grained Capability_(computers), and mandatory access controls. As part of the TrustedBSD project, there is also a port of the NSA s FLASK/TE implementation in SELinux to run on FreeBSD. More recent work includes the development of OpenBSM, an open source implementation of Sun s Basic Security Module (BSM) API and file format for audit logs, which supports an extensive security audit system that will be shipped as part of FreeBSD 6.0.

=See also=

Secure operating systems

Security focused operating systems

Capability_(computers)

Computer security#Capabilities vs. ACLs

Computer security

Security engineering

FreeBSD

OpenBSM

bug.lv

=External Links=

[http://www.trustedbsd.org/ TrustedBSD Website]

[http://www.OpenBSM.org/ OpenBSM Website]

=Attribution=

Much of the information in this article was taken from information discussed on the mailing lists and on the TrustedBSD website. The TrustedBSD project was started primarily by Robert Watson, an active FreeBSD committer and member of the FreeBSD Core Team.