{"id":19131,"date":"2017-11-29T10:04:20","date_gmt":"2017-11-29T08:04:20","guid":{"rendered":"https:\/\/www.kaspersky.co.za\/blog\/?p=19131"},"modified":"2019-11-15T13:38:15","modified_gmt":"2019-11-15T11:38:15","slug":"what-is-secure-os","status":"publish","type":"post","link":"https:\/\/www.kaspersky.co.za\/blog\/what-is-secure-os\/19131\/","title":{"rendered":"What is a secure OS?"},"content":{"rendered":"<p>I am often asked: \u201cIf there\u2019s <a href=\"https:\/\/www.kaspersky.com\/blog\/kaspersky-os-7-facts\/14084\/\" target=\"_blank\" rel=\"noopener nofollow\">nothing absolutely secure<\/a> in our world, how can you say KasperskyOS is secure?\u201d<\/p>\n<p>The answer is, there\u2019s a difference \u2014 really, a tremendous semantic gap \u2014 between those two things!<\/p>\n<p>Indeed, there\u2019s no <em>absolute cybersecurity<\/em> in this world \u2014 and that is by design. Each security system\u2019s job is to come as close as possible to the desirable 100%, and the closer you get to it, the harder, slower, and more expensive the task gets. After reaching the conventional 99.9% effectiveness, each thousandth of a subsequent percent, with its resource consumption and complexity, seems equal to all previous work. 
But the effort is important; the huge market for such security technologies includes <a href=\"https:\/\/www.kaspersky.com\/advert\/enterprise-security\/industrial?redef=1&amp;THRU&amp;reseller=gl_kdailypost_acq_ona_smm__onl_b2b_kasperskydaily_lnk_______\" target=\"_blank\" rel=\"noopener nofollow\">critical infrastructure<\/a>, <a href=\"https:\/\/www.kaspersky.com\/blog\/connected-cars-secure-by-design\/16947\/\" target=\"_blank\" rel=\"noopener nofollow\">automotive<\/a>, <a href=\"https:\/\/os.kaspersky.com\/wp-content\/uploads\/sites\/11\/2017\/10\/Case_Study_Kraftway_router_A5_ENG.pdf\" target=\"_blank\" rel=\"noopener nofollow\">networking devices<\/a>, and many other areas that require maximum security \u2014 where every thousandth of a percent that isn\u2019t secure can cause a catastrophe with unforeseeable outcomes and dreadful damage.<\/p>\n<p>In other words, a secure operating system aims to get so close to 100% that cyberattacks become almost impossible, or at least economically unprofitable. In its efforts toward that goal, KasperskyOS (KOS) is unmatched. It\u2019s a truly secure platform, and I will explain why.<\/p>\n<p>Briefly: KOS is originally based on a secure microkernel architecture. It works in a protected address space following the Default Deny concept, and it allows customers to define its business logic to the smallest detail. The system is compact and transparent, and it contains no redundancies.<\/p>\n<p>Here are some more details.<\/p>\n<h2>Architecture<\/h2>\n<p>They say that theater begins with the cloakroom, and so does an operating system with its architecture.<\/p>\n<p>What do all modern desktop and mobile, and even many industrial, OSs aspire to? Usability, scalability, functionality, stability, and being proprietary. 
Every vendor promises \u201csecurity,\u201d but if you dig deeper, you won\u2019t find much \u2014 it\u2019s all marketing with no real technology inside.<\/p>\n<p>It\u2019s in the OS architecture where the major difference lies: A secure OS is based on a security-kernel-applications paradigm, as opposed to the classic kernel-applications-security hierarchy inherent in unprotected systems. The KOS ecosystem is rooted in the fundamental cybersecurity principles that define how the kernel and applications work.<\/p>\n<h2>The third ring<\/h2>\n<p>One of the fundamental approaches is to transfer the majority of operating system code into a low-privilege address space \u2014 for example, to the third ring within the x86 architecture.<\/p>\n<p>At first glance, that might seem strange, but there is a good reason for it: The third ring provides a secure address space. There, it is much easier to provide control over code actions and protect code from external influences. The inevitable decline in performance here is offset by the compactness-driven acceleration (see microkernel details below) and programming excellence. In addition, the code gets even more transparent and, therefore, more reliable.<\/p>\n<h3>Allow not prohibit<\/h3>\n<p>At the traditional OS application level, the <a href=\"https:\/\/securelist.com\/application-control-the-key-to-a-secure-network-part-1\/36746\/#7\" target=\"_blank\" rel=\"noopener\">Default Deny<\/a> concept has been implemented for a long time and has been used successfully in a variety of scenarios. It is effective enough, a well-established method used to improve the security of many systems.<\/p>\n<p>In KasperskyOS, we implemented the Default Deny concept at the <em>system<\/em> level. All actions in this secure OS are prohibited by default. When implementing, customers define rules to permit specific actions that meet specific business challenges, creating their own security policies. 
In other words, a security policy is a set of laws under which a system operates. The policy is something like the rules governing traffic, but with one important exception: It is impossible to violate these rules. Thus, KOS provides a qualitatively higher certainty of protection.<\/p>\n<h3>The right micromanagement<\/h3>\n<p>KasperskyOS\u2019s user action rules are extremely flexible, expressive, and granular. You can define a very specific logic, including the nature of interprocess communication and the use of system services, network protocols, OS modules, and applications \u2014 down to the smallest details, if necessary \u2014 to achieve specific security requirements. Any actions that go beyond the defined logic are automatically blocked. The system performs only explicitly permitted operations.<\/p>\n<h2>Less is more<\/h2>\n<p>One day at <a href=\"https:\/\/www.embedded-world.de\/en\" target=\"_blank\" rel=\"noopener nofollow\">Embedded World<\/a>, I found myself confused by a company\u2019s boast that its software enhanced a car that \u201crides on a hundred million lines of code.\u201d In fact, the more code, the more dangerous a product is, because of potential vulnerabilities. As a rule, such a product is hard to audit, it shows worse resource intensity and speed, and it carries a bunch of other negative side effects. Finally, code size is a measure of programming skill; elegant, concise code can accomplish even highly complex tasks.<\/p>\n<p>KOS\u2019s kernel has only about 1,500 lines. That\u2019s right: Fifteen hundred lines define the entire logic of the operating system kernel. The latter is linked to processors (Intel, ARM, MIPS), and the drivers, system utilities, interface, and business applications are on top. 
We call KOS a <em>microkernel<\/em> operating system, but with this kernel size it could well be called a <em>nano<\/em>kernel OS.<\/p>\n<h3>Clear air<\/h3>\n<p>Geopolitical turbulence in recent years has caused a serious crisis of confidence in the IT industry. Paranoia paints omnipresent state hackers and ubiquitous secret government operations using commercial software for cyberespionage. Some companies have resorted to <a href=\"https:\/\/www.reuters.com\/article\/us-usa-cyber-russia-mcafee\/mcafee-says-it-no-longer-will-permit-government-source-code-reviews-idUSKBN1CV2MP\" target=\"_blank\" rel=\"noopener nofollow\">even greater secrecy<\/a>, but we believe this is the time for <a href=\"https:\/\/www.kaspersky.com\/blog\/even-more-transparency\/\" target=\"_blank\" rel=\"noopener nofollow\">reasonable openness<\/a>. Thanks to its kernel compactness and transparency, KasperskyOS perfectly fits this initiative.<\/p>\n<p>Why aren\u2019t we afraid to open our product source code?<\/p>\n<p>First, we have nothing to hide. Second, we will be happy for any vulnerability detection; fixes make our products even more reliable. Third, KOS\u2019s kernel has been repeatedly tested with not a single bug or undeclared procedure observed so far. I am sure the transparency initiative we started recently will once again confirm this. Finally, observing source code is not a condition of vulnerability detection \u2014 in most cases, vulnerabilities are found in other ways.<\/p>\n<h3>Nothing in excess<\/h3>\n<p>For many decades, the software market has been suffering a sort of functionality race. More buttons, more features, and more goodies to stuff into yet-another-version-launch press releases to rapturous \u201cwows,\u201d only to be abandoned when it turned out that people never used them. 
Here is a peculiar <a href=\"https:\/\/answers.microsoft.com\/en-us\/office\/forum\/office_2010-office_install\/what-is-the-percentage-of-features-of-word-excel\/80e417ef-8336-49a5-9f5f-0a59c8c8fbd4\" target=\"_blank\" rel=\"noopener nofollow\">example<\/a>: Just five Word commands account for one-third of total usage. And how many commands have never been used by anyone?<\/p>\n<p>Each new feature entails a range of risks including vulnerabilities, performance and fault-tolerance reduction, management complexity, and more. KasperskyOS works on a principle we call <em>nothing in excess<\/em>. The operating system is simple, clear, and transparent. Moreover, within <a href=\"https:\/\/www.kaspersky.com\/blog\/security-within-kaspersky-lab-launches-kaspersky-security-system\/15190\/\" target=\"_blank\" rel=\"noopener nofollow\">specific implementations,<\/a> it helps cut functionality redundant to other operating systems and applications, and ensures that only declared functionality is implemented on older platforms (such as legacy SCADA systems).<\/p>\n<p>Learn more about <a href=\"https:\/\/os.kaspersky.com\/?redef=1&amp;THRU&amp;reseller=gl_kdailypost_acq_ona_smm__onl_b2b_kasperskydaily_lnk_______\" target=\"_blank\" rel=\"noopener nofollow\">KasperskyOS here<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>How we can say that KasperskyOS is really a secure 
platform<\/p>\n","protected":false},"author":2464,"featured_media":19132,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1999,3021],"tags":[794,2505],"class_list":{"0":"post-19131","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-business","8":"category-smb","9":"tag-iot","10":"tag-kasperskyos"},"hreflang":[{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/what-is-secure-os\/19131\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/what-is-secure-os\/11914\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/what-is-secure-os\/9918\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/what-is-secure-os\/14155\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/what-is-secure-os\/12350\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/what-is-secure-os\/12150\/"},{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/what-is-secure-os\/4508\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/what-is-secure-os\/20312\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/what-is-secure-os\/8586\/"},{"hreflang":"zh","url":"https:\/\/www.kaspersky.com.cn\/blog\/what-is-secure-os\/8950\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/what-is-secure-os\/18888\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/what-is-secure-os\/19139\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.co.za\/blog\/tag\/kasperskyos\/","name":"KasperskyOS"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/posts\/19131","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/types\/post"}],"author
":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/users\/2464"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/comments?post=19131"}],"version-history":[{"count":3,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/posts\/19131\/revisions"}],"predecessor-version":[{"id":24012,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/posts\/19131\/revisions\/24012"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/media\/19132"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/media?parent=19131"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/categories?post=19131"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/tags?post=19131"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}