Information Security IoT Security Mobile Security Network Security Operating System Security Software Security

KasperskyOS Hack-Proof OS For Embeded and IOT Devices From Kaspersky Lab

Murat Kaya

 |  Feb 23, 2017

KasperskyOS aims to protect software and data systems from the consequences of the intrusion of malicious code, viruses and hacker attacks. These can provoke harmful behavior in any part of the system, potentially resulting in loss or leakage of sensitive data, reduced performance and denial of service. In addition it reduces the risk of harm caused by program bugs, unintentional mistakes or premeditated abuse

Features

Proprietary microkernel and independent security engine. KasperskyOS is based on a reliable microkernel that implements the only way of communicating. This lightweight microkernel can be implemented on various platforms. At the same time the loosely coupled security engine makes it possible to replace the in-house microkernel with another kernel if necessary.

Multi-level compatibility. While the system is kept mostly POSIX-compatible, the use of a native API further guarantees the secure behavior of applications.The developer can choose how to keep a proper balance between program code compatibility and security.

Security domain separation: KasperskyOS efficiently separates security domains – confined groups of applications with a restricted influence on each other. This does not preclude the possibility of interdomain communication, if explicitly allowed.

Mandatory identification and labeling. All applications in KasperskyOS are accompanied by their security configuration. Nobody can install an application without installing its relevant behavior configuration. Hardware and applicationlevel resources (files, databases, network ports, etc.) are labelled with appropriate security attributes. It is impossible to access a resource that doesn’t have a security label.

Diverse policies enforcement. An independent security engine can enforce the policy that best matches the identified security objectives. The security policy can also be individually configured for every application in the system.

Tamperproof configuration and services. The security configuration is stored in protected memory and can be accessed by trusted services only, which are also restricted in their communications.

Advantages

Initially secure system. KasperskyOS is designed with security in mind and remains secure during its whole lifecycle.

Modular design. A modular approach to system design minimizes the footprint of the trusted base and makes it possible to build each individual solution on a case-by-case basis.

Secure architecture of applications. Application design is based on a component model that makes secure development easy and elegant.

Easy-to-configure policies. IPC typing and simple configuration language help to easily define the rules of interprocess communication and access control.

Verifiability. Strict adherence to security concepts in system design and implementation makes it possible to verify the security of all solutions based on KasperskyOS.

SUPPORTED ARCHITECTURES

• KasperskyOS for x86/x64 CPU: Pentium II or higher RAM: 8Mb or more Ethernet: Realtek RTL8139, Intel i82580

• KasperskyOS for ARM CPU: ARMv7 or higher

For more details visit kaspersky lab at : https://os.kaspersky.com