Computing and Informatics

The importance of a security operating system (OS) with security-enhancing mechanisms at the kernel level, such as a reference monitor and a cryptographic file system, has been increasingly emphasized as the weaknesses and limitation of mechanisms at the user level have been revealed. However, when a system has only a reference monitor, the system is vulnerable to a low-level detour or a physical attack. In addition, when a system has only a cryptographic file system, the file system has a difficulty in protecting itself. To address these problems, we designed and developed a security OS with a reference monitor, a cryptographic file system, authentication limitation, and session limitation. Here we describe the model, its implementation, and its overheads.