Trusted Extensions Desktop (TED)
Establish Secure Workspaces With Stringent Access Control
Safeguarding data is crucial when it comes to shared digital environments. It’s a matter of protecting user information, trade secrets, and other kinds of vital files. The ability to control access to these workspaces is critical to protecting and improving your business.
TED Restores Multilevel Desktop Functionality
Create a multilevel secure desktop using Solaris 11.4 Trusted Extensions (TX) and additional packages provided by TED. This allows users with different permissions to work simultaneously while accessing only the data they need. Users may also view data at multiple classification levels on a single desktop while keeping information strictly separate as needed. TX and TED controls protect both data sensitivity and data ownership through strict access control enforcement.
Solaris 11.4 Trusted Extensions Offers the Following Features
- Provides the same functionality as TX/TD in Solaris 11.3
- Single source for patches and updates
- Multi-sensitivity level architecture
- Incorporates NEW Solaris 11.4 security functionality
- User-based and label-based policy enforcement
- Single pane of glass’ experience
- Derived from open source software
- Security controls
Read the TED Whitepaper
What’s New in Solaris 11.4?
In version 11.4, standard Solaris supports file and process labeling using the same labeling APIs and CLIs as Trusted Extensions. The labeling syntax is now the same in both standard Solaris and Trusted Extensions, and the new labelcfg command can be used to configure labels in both environments.
However, in version 11.4, the way that label policy is enforced is very different between standard Solaris and Trusted Extensions. As an example: standard Solaris permits writing down to lower labeled objects, Trusted Extensions, by default, does not.
Likewise, the application of labels is different.
- TX applies labels to zones and network endpoints
- Standard Solaris applies labels to System V IPC objects
Additionally, while both environments support individual file labeling in ZFS, the labeling policy differences prevent the sharing of labeled file systems between standard Solaris and TX.
Finally, potentially the largest impact to current TX users, Solaris 11.4 Trusted Extensions no longer provides a multilevel desktop (Trusted Desktop).
History of TED
With the release of Solaris 11.4 in 2018, the Trusted Extensions packages that provided that functionality were marked as obsolete. As a result, when 11.3 systems were upgraded to Solaris 11.4, the Trusted Desktop feature was removed. But staying on 11.3 wasn’t viable since Oracle support was winding down.
Click here to learn more about the History of Dynamic Systems’ Trusted Extensions Desktop (TED).