
Winux Secure Registry Requirements

Requirements Home
    Table of Contents
  1. Introduction
  2. Secure Registry
    1. Securing Data
    2. Secure Connections
  3. Making it Simple

  1. Introduction

    One of the great things Microsoft did for Windows was create the Registry system. However, as it is, the Registry is very messy and insecure. The Winux Secure Registry aims to solve this problem and expand the Registry to be a much more resilient part of the system.

  2. Secure Data

    The Microsoft Windows Registry stores data in a very text-like format, and all data is passed back to applications in the same format in which it is stored. Part of maintaining secure data is to keep it secure both in storage and in how it is transferred, even between the OS and the Registry sub-system.

    1. Securing Data

      Maintaining the data securely where it is stored is achieved in two steps:

      1. Encrypted on disk
      2. Disk maintained out of reach of the user

      To keep the information secure while it is on the disk, the Winux Secure Registry will use its own combination of encryption algorithms and keys for them that are kept out of the reach of the user. This way no one using the system can break into the system and read information they were not supposed to.

      One downside to this is that if the keys are lost, the registry becomes unusable. While this should be extremely rare once the system has been written and most bugs worked out, it is recommended that programs be written with a default set of values to use if the registry values cannot be retrieved. Additionally, the Winux system ought to have a mechanism, built into its communication protocol, to notify applications to revert to those default values.

      The second part of keeping the stored data secure is to keep the area of the disk in which it is written out of reach of the users. In order to do this, the Winux system will have a specially marked partition (either primary or secondary) that will be made available by the system only to the Winux Secure Registry and any system that is needed for the Winux Secure Registry to read and write to it - i.e. the HAL, Micro Kernel, and Memory System.

    2. Secure Connections

      Data is not very secure if any application - local or remote - can intercept the data while it is being transmitted from the Winux Secure Registry to the application that it belongs to. To overcome this, part of the security deals with securing the connection between the registry and the application. The Winux Secure Registry handles this by creating a truly secure link between the application and the Winux Secure Registry.

      In this document, we will only concern ourselves with the part of the protocol that has to do with creating the connection and even then will leave out most of the details.

      To create a "truly secure link", each application that needs access to the Winux Secure Registry must follow a specific protocol to gain access. The first step in creating the connection is to set up a standard connection as defined by the Winux native API for internal communication, by making the appropriate API calls to the Actual OS part of the Winux System. This notifies the Winux Secure Registry system that a link needs to be created. The API call then returns the communications structure (analogous to the FILE* used in POSIX-based systems) that is used for the next step.

      After receiving the signal from the internal system to create a secure link, the Winux Secure Registry system creates a basic secure connection with the application using the communications structure returned by the system. This structure is created for temporary use only, and the Winux Secure Registry will not pass any registry data over it. Rather, it is used so that the Winux Secure Registry may pass part of an encryption key set to the calling application. Once received, the calling application is to acknowledge receipt by returning an ACK signal followed by the passed value. Once the ACK has been received, the communication link is invalidated by the system and the application ought to close its side as well.

      After the application has received its key segment over the basic secure connection, it is to open a connection through the appropriate lines as defined by the protocol using the key value and the API provided encryption algorithms. This connection will be valid until either of two things happen:

      1. The calling application closes the connection.
      2. No data is requested by the application for a given period of time, as specified by the protocol.

      Once the connection has been invalidated, this entire process must be restarted to create a new connection.

      Each application must go through this process to use the Winux Secure Registry. Additionally, data will be transferred to the registry only through this process.
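      The two-phase connection setup described above, as an added model that is not part of the Winux project: a temporary link carries only a key segment, the application ACKs by echoing it, the temporary link is invalidated, and a keyed session then serves requests until it is closed or idles out. The class and function names, the SHA-256 key derivation, the HMAC request tags and the 30-second idle period are all assumptions; the protocol leaves them unspecified.

```python
import hashlib, hmac, os

IDLE_TIMEOUT = 30.0  # seconds; constructed value, the real period is protocol-defined
STORE = {"HKLM/Software/Demo/Port": "8080"}  # constructed sample registry data

def derive_key(segment: bytes) -> bytes:
    """Both sides turn the passed key segment into the session key (assumed KDF)."""
    return hashlib.sha256(b"winux-registry-session" + segment).digest()

class SecureRegistry:
    def __init__(self):
        self._pending = {}  # temp link id -> key segment passed over it
        self._links = {}    # session id -> [session key, last activity time]

    def open_temp_link(self):
        """Step 1: the temporary link carries only the key segment, never data."""
        link_id, segment = os.urandom(8).hex(), os.urandom(16)
        self._pending[link_id] = segment
        return link_id, segment

    def ack(self, link_id, echoed, now):
        """Step 2: the app echoes the segment. The temp link is invalidated whether
        or not the echo matches, so a link id can never be reused or replayed."""
        segment = self._pending.pop(link_id, None)
        if segment is None or not hmac.compare_digest(segment, echoed):
            return None
        session = os.urandom(8).hex()
        self._links[session] = [derive_key(segment), now]
        return session

    def read(self, session, path, tag, now):
        """Step 3: keyed session. Each request carries an HMAC tag over the path;
        an idle session lapses and the whole handshake must be repeated."""
        entry = self._links.get(session)
        if entry is None:
            return None
        if now - entry[1] > IDLE_TIMEOUT:
            self.close(session)
            return None
        expected = hmac.new(entry[0], path.encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):
            return None
        entry[1] = now  # successful request resets the idle clock
        return STORE.get(path)

    def close(self, session):
        self._links.pop(session, None)

def app_session(reg, now=0.0):
    """Client side: obtain the segment, echo it as the ACK, derive the key."""
    link_id, segment = reg.open_temp_link()
    return reg.ack(link_id, segment, now), derive_key(segment)

def app_read(reg, session, key, path, now):
    tag = hmac.new(key, path.encode(), hashlib.sha256).digest()
    return reg.read(session, path, tag, now)
```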

  3. Making it Simple

    As everyone knows, something will only get used and become popular if it is easy to access. Following the above guidelines may not make for very easy access. It is therefore recommended that the standard library provide a mechanism that follows these guidelines and returns a secure connection for use by the application. The mechanism should have an interface like the FILE* structure in C.

This site hosted by SourceForge.net. All rights reserved.
Last Updated: 2003-10-10