Ask an Expert



Error: Contact form not found.

TED Restores Multilevel Desktop Functionality

Create a multilevel secure desktop using Solaris 11.4 Trusted Extensions (TX) and additional packages provided by TED. This allows users with different permissions to work simultaneously while accessing only the data they need. Users may also view data at multiple classification levels on a single desktop while keeping information strictly separate as needed. TX and TED controls protect both data sensitivity and data ownership through strict access control enforcement.

Trusted Extension Desktop (TED)

Solaris 11.4 Trusted Extensions Offers the Following Features

  • Provides the same functionality as TX/TD in Solaris 11.3
  • Single source for patches and updates
  • Multi-sensitivity level architecture
  • Incorporates NEW Solaris 11.4 security functionality
  • User-based and label-based policy enforcement
  • Single pane of glass’ experience
  • Derived from open source software
  • Security controls

Read the TED Whitepaper
Trusted Extension Desktop (TED)

What’s New in Solaris 11.4?

In version 11.4, standard Solaris supports file and process labeling using the same labeling APIs and CLIs as Trusted Extensions.  The labeling syntax is now the same in both standard Solaris and Trusted Extensions, and the new labelcfg command can be used to configure labels in both environments.

However, in version 11.4, the way that label policy is enforced is very different between standard Solaris and Trusted Extensions.  As an example:  standard Solaris permits writing down to lower labeled objects, Trusted Extensions, by default, does not.

Likewise, the application of labels is different.

  • TX applies labels to zones and network endpoints
  • Standard Solaris applies labels to System V IPC objects

Additionally, while both environments support individual file labeling in ZFS, the labeling policy differences prevent the sharing of labeled file systems between standard Solaris and TX.

Finally, potentially the largest impact to current TX users, Solaris 11.4 Trusted Extensions no longer provides a multilevel desktop (Trusted Desktop).

History of TED

With the release of Solaris 11.4 in 2018, the Trusted Extensions packages that provided that functionality were marked as obsolete. As a result, when 11.3 systems were upgraded to Solaris 11.4, the Trusted Desktop feature was removed. But staying on 11.3 wasn’t viable since Oracle support was winding down.

Click here to learn more about the History of Dynamic Systems’ Trusted Extensions Desktop (TED).

Trusted Extension Desktop (TED): Documentation
View the Trusted Extension Desktop (TED): Documentation
Trusted Extensions Desktop (TED) – Security Features Demo
The New Trusted Extension Desktop (TED): An Interview with Glenn Faden and Tom Johnson
TED Screen Examples
Auditing Administration Copy Passte Copying File Systems Copying File Systems
Talk to Trusted Extensions Desktop (TED) Expert