Trusted Solaris has secure future, says Sun

Sun Microsystems will continue to offer the Trusted Solaris version of its operating system as a separate product, a company...

Sun Microsystems will continue to offer the Trusted Solaris version of its operating system as a separate product, a company official said, trying to clear up any confusion that Sun may have caused in the marketplace.

Sun executives have said several times that security features from Trusted Solaris, a hardened version of Sun's OS used by the military, governments and some enterprises, will be added to its standard Solaris distribution. But the two product lines will continue to exist separately, said Ravi Iyer, Sun's group manager of systems security marketing.

"There's a misperception that these two products have merged. They have not merged, but we took some features from Trusted Solaris and moved them to Solaris," he said.

For example, Solaris includes a feature from Trusted Solaris called process rights management, which prevents applications from accessing resources that are not essential to the task they perform. The feature can help minimise damage caused by buffer overflows, a common type of attack against computers.

But other security features will not be moved into Solaris. For example, Trusted Solaris lets users label all the applications and files on a server and then restrict access to those items based on an employee's security clearance level. Such features carry too much performance or administrative overhead to be made a part of the general-purpose OS.

Several other features, such as discretionary access control and secure networking and printing functions, are not heading for the standard Solaris distributions, Iyer said. Customers pay extra for the added security in Trusted Solaris, as well as for various security certifications.

Meanwhile, Sun intends to reduce the time it takes to release upgraded versions of Trusted Solaris.

In the past there has been a lag of about one year between the time a new version of Solaris is released and the corresponding upgrade to Trusted Solaris. Sun plans to cut that to between six and nine months, Iyer said.

Solaris 10 is due to ship in the third quarter. Trusted Solaris 10 should arrive three to six months after that.

Trusted Solaris 10 will have no new security-specific features that are not in version 8, but some general-purpose improvements to Solaris will benefit security. For example, when N1 Grid Containers, for partitioning a server into discrete compartments, is used with the labelling technology in Trusted Solaris, the resulting system will be considerably more secure.

Trusted Solaris has been offered since the mid-1990s. It had been designed for the military, but some commercial customers with a need for tough security have latched onto it.

James Niccolai writes for IDG News Service

Read more on Operating systems software