What is a security kernel?

A security kernel is the core of a computer's or network's security implementation and of a secure computing environment. It can be implemented as a hardware component installed in a computer or network topology, as software, or as firmware installed on a computer microchip. By whatever means, the kernel becomes the central location for setting access permissions for a computer's or network's resources.


One of the earliest implementations of the security kernel was a virtual machine monitor developed in the 1970s for Digital Equipment Corporation® (DEC®) Virtual Address Extension (VAX) computer systems. The computer could be configured into multiple virtual machines, each running a different operating system, with access to different resources, and with different security protocols. In this case, the kernel resided on the real machine that hosted the virtual machines and managed access control to them, so that each virtual machine could have a different level of security.

The most common implementation of a security kernel is a software layer within a computer's operating system. The system design can be seen as a series of rings, similar to an onion, where each layer accesses the ones below. In the absolute center is the hardware. The first layer on top of the hardware is the security kernel, which contains all the authentication and access control instructions for accessing the computer's hardware. On top of that is the rest of the operating system, and on top of that are program and user level operations.

This forms the essential composition of an operating system that follows the Trusted Computing Base (TCB) methodology. In a TCB implementation, the security kernel of an operating system is also known as a reference monitor. It provides complete control at all times and cannot be changed in any way. It enforces the security policy that governs how programs and users on the system read and write system files and use the various access points for network protocols and other inter-process communications. To provide these functions, it must also be open to analysis and monitoring to ensure that it meets these requirements.
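
The three properties described above (every access is mediated, the policy cannot be changed, and the decisions can be reviewed) can be modelled in a few lines. This is an added illustration, not code from any real kernel; the class names, the sample policy and the resource names are constructed for the example, and Python objects only approximate tamper resistance.

```python
from dataclasses import dataclass
from types import MappingProxyType


@dataclass(frozen=True)
class Decision:
    subject: str
    obj: str
    op: str
    allowed: bool


class ReferenceMonitor:
    """Toy model: one choke point that decides every access request."""

    def __init__(self, policy):
        # Copy into read-only structures so the policy cannot be altered
        # after start-up, even by the code that supplied it.
        self._policy = MappingProxyType(
            {key: frozenset(ops) for key, ops in policy.items()}
        )
        self._audit = []

    def check(self, subject, obj, op):
        # Default deny: anything not explicitly granted is refused.
        allowed = op in self._policy.get((subject, obj), frozenset())
        # Every decision is recorded so the monitor's behaviour can be reviewed.
        self._audit.append(Decision(subject, obj, op, allowed))
        return allowed

    def access(self, subject, obj, op, store, value=None):
        # Callers never touch `store` directly; all reads and writes pass here.
        if not self.check(subject, obj, op):
            raise PermissionError(f"{subject} may not {op} {obj}")
        if op == "write":
            store[obj] = value
        return store[obj]

    @property
    def audit_log(self):
        return tuple(self._audit)


# Constructed sample policy (hypothetical subjects and file, not from the article).
SAMPLE_POLICY = {
    ("backup_svc", "/etc/passwd"): {"read"},
    ("admin", "/etc/passwd"): {"read", "write"},
}


def demo():
    store = {"/etc/passwd": "root:x:0:0"}
    monitor = ReferenceMonitor(SAMPLE_POLICY)
    results = [monitor.check("backup_svc", "/etc/passwd", "read"),
               monitor.check("backup_svc", "/etc/passwd", "write"),
               monitor.check("guest", "/etc/passwd", "read")]
    monitor.access("admin", "/etc/passwd", "write", store, "root:x:0:0:new")
    return results, store, monitor.audit_log
```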


Since the security kernel concept has a broad definition, it is not limited to software implementations. Essential security policies can also take the form of a hardware device, such as a smart card system or other hardware addition. In this way, access to system resources cannot be unlocked without using a specific card inserted into the computer.

Another way to implement a security kernel is through a distributed system. In one implementation, known as a Trusted Timely Computing Base (TTCB), the network is viewed as a system that is often susceptible to some form of security breach. Instead of preventing attacks, the TTCB system tolerates intrusions and provides a means of dealing with them. With this type of implementation, each node on the network carries the distributed security kernel, which provides its own secure channel for communication and control.
