Ask an Expert



    TED Restores Multilevel Desktop Functionality

    Create a multilevel secure desktop using Solaris 11.4 Trusted Extensions (TX) and additional packages provided by TED. This allows users with different permissions to work simultaneously while accessing only the data they need. Users may also view data at multiple classification levels on a single desktop while keeping information strictly separate as needed. TX and TED controls protect both data sensitivity and data ownership through strict access control enforcement.

    Trusted Extension Desktop (TED)

    Solaris 11.4 Trusted Extensions Offers the Following Features

    • Provides the same functionality as TX/TD in Solaris 11.3
    • Single source for patches and updates
    • Multi-sensitivity level architecture
    • Incorporates NEW Solaris 11.4 security functionality
    • User-based and label-based policy enforcement
    • Single pane of glass’ experience
    • Derived from open source software
    • Security controls

    Read the TED Whitepaper
    Trusted Extension Desktop (TED)

    What’s New in Solaris 11.4?

    In version 11.4, standard Solaris supports file and process labeling using the same labeling APIs and CLIs as Trusted Extensions.  The labeling syntax is now the same in both standard Solaris and Trusted Extensions, and the new labelcfg command can be used to configure labels in both environments.

    However, in version 11.4, the way that label policy is enforced is very different between standard Solaris and Trusted Extensions.  As an example:  standard Solaris permits writing down to lower labeled objects, Trusted Extensions, by default, does not.

    Likewise, the application of labels is different.

    • TX applies labels to zones and network endpoints
    • Standard Solaris applies labels to System V IPC objects

    Additionally, while both environments support individual file labeling in ZFS, the labeling policy differences prevent the sharing of labeled file systems between standard Solaris and TX.

    Finally, potentially the largest impact to current TX users, Solaris 11.4 Trusted Extensions no longer provides a multilevel desktop (Trusted Desktop).

    History of TED

    With the release of Solaris 11.4 in 2018, the Trusted Extensions packages that provided that functionality were marked as obsolete. As a result, when 11.3 systems were upgraded to Solaris 11.4, the Trusted Desktop feature was removed. But staying on 11.3 wasn’t viable since Oracle support was winding down.

    Click here to learn more about the History of Dynamic Systems’ Trusted Extensions Desktop (TED).

    Trusted Extension Desktop (TED): Documentation
    View the Trusted Extension Desktop (TED): Documentation
    Trusted Extensions Desktop (TED) – Security Features Demo
    The New Trusted Extension Desktop (TED): An Interview with Glenn Faden and Tom Johnson
    TED Screen Examples
    Auditing Administration Copy Passte Copying File Systems Copying File Systems
    Talk to Trusted Extensions Desktop (TED) Expert