Cyber Solutions
__
Security Features vs Assurance
Cyber Security - When is A System Secure
When is a System Secure?

Security features are necessary to protect fundamental system integrity, data authenticity, and data privacy properties. There is a limit however, when a system gets too complicated and costly to know whether features are properly deployed.

Given the perplexing conflations and disingenuous claims that pervade the cyber security market, it is fair to take a step back and ask:

What are the necessary features, what is protecting these features from subversion,  and how do we know when the system is protected and will stay protected?

The answer to these questions comes from assurance.

Assurance...
Knowing When a System is Secure

At a high level, a secure system is a system that behaves precisely as the IT stakeholder expects it to and is resilient to subversive attempts to change its behavior over the lifetime of the system.

More concretely, it is a system running on an authentic processor that hands control to the software platform in an authentic state—the platform then enforces a policy consistent with the stakeholders expected behavior and is resilient to subversive change attempt from all exposed interfaces.

"Assurance is often what separates actually secure systems from ones that are merely claimed to be secure.”
 
—Steve Bellovin
 
Columbia University Computer Science Professor
AT&T Labs Fellow
NetBSD developer
quotes_01_flipped
It Starts with the Processor

Regardless of what security technology IT stakeholders choose to invest in, it is important to understand that at the bottom of any IT security solution is a processor and resource management software that security features inherit. Far too often the foundational integrity properties of CPU and software platform level services are taken for granted.

MOSAIC_logo_jpg
Request Evaluation Version
What to Expect When Filling Out This Form
The information you provide will help Lynx to better understand your requirements at the high level and we will be able to do research on your behalf and be well prepared for our next interaction.
 
Your information is always considered completely confidential and is not shared with anyone outside of Lynx Software Technologies without your expressed permission. We respond to these form inputs within 1-2 business days.

What good is a whitelist if malicious threads can masquerade in authorized processes?

Of what use is a hypervisor if guests can escape?

How valuable is a malware detector if the detector can be compromised?

What good is hard drive encryption if authentication keys are leaked?

What if an application can extract all physical memory data through a side-channel?

Build Assurance with Lynx MOSA.icTM

The Lynx MOSA.icTM modular development framework gives the ability to IT stakeholders to precisely define the expected behavior of computer systems and to enforce polices that ensure their security technology investments are making valid assumptions based on underlying platform integrity properties.

The diagram below demonstrates a security system that provides the ability for users to concurrently access public and private data on a single computing device.  The system is carefully architected to ensure that private data is guaranteed to reside within private rooms and is resilient to malicious attempts to ex-filtrate data or to subvert the underlying platform in order to bypass information flow policy enforcement.

LEARN MORE
Cyber-Diagram-02
General Inquiries