What’s a Security Kernel?




A security kernel is the core of a computer or network security system, controlling access permissions for resources. It can be implemented in hardware, software, or firmware. The Trusted Computing Base methodology uses a security kernel as a reference monitor to enforce security policies. It can also be implemented through smart cards or distributed systems.

A security kernel is essentially the core of a computer or network security implementation and of a secure computing environment. It can take the form of a hardware component installed in a computer or network topology, a software implementation, or a firmware system installed in a computer microchip. Whichever form it takes, the kernel becomes the central location for establishing access permissions for a computer's or network's resources.

One of the earliest implementations of the security kernel was a virtual machine monitor developed in the 1970s for Digital Equipment Corporation® (DEC®) Virtual Address Extension (VAX) computer systems. A computer could be configured into multiple virtual machines, each possibly running a different operating system with access to different resources and with different security protocols. In this case, the kernel resided on the real machine on which the virtual machines were established and managed access control for them, so that the different virtual machines could have different levels of security.

The most common implementation of a security kernel is a software layer within a computer’s operating system. The system design can be seen as a series of rings, similar to an onion, where each layer accesses the layers below it. At the absolute center is the hardware. The first layer on top of the hardware is the security kernel, which carries all the control and authentication instructions for accessing the computer’s hardware. Above that is the rest of the operating system, and above that are programs and, with them, user-level operations.

This forms the essential structure of an operating system that falls under the Trusted Computing Base (TCB) methodology. In a TCB implementation, the security kernel in an operating system is also referred to as the reference monitor. It stays in full control at all times and cannot be tampered with in any way. It enforces security policy for the programs and users on the system, governing their ability to read and write files as well as their use of the various access points for network protocols and other inter-process communication. While providing these functions, it must also be open to analysis and monitoring to ensure that it meets these requirements.
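The reference monitor idea described above, as an added sketch that is not part of the original article: every read or write passes through one `check()` call, anything not explicitly granted is denied, and every decision is recorded for later review. The class names, the policy and the file data are hypothetical, and a Python object only imitates the tamper resistance a real kernel gets from hardware privilege levels.

```python
from dataclasses import dataclass
from types import MappingProxyType


@dataclass(frozen=True)
class Decision:
    subject: str
    obj: str
    op: str
    allowed: bool


class ReferenceMonitor:
    """Single choke point: every access request is decided by check()."""

    def __init__(self, policy):
        # Copy into read-only structures so a caller that still holds the
        # original dict cannot change the rules after start-up.
        self._policy = MappingProxyType(
            {key: frozenset(ops) for key, ops in policy.items()})
        self._audit = []

    def check(self, subject, obj, op):
        # Default deny: anything not explicitly granted is refused.
        allowed = op in self._policy.get((subject, obj), frozenset())
        self._audit.append(Decision(subject, obj, op, allowed))  # log allow and deny
        return allowed

    def audit_log(self):
        return tuple(self._audit)  # read-only snapshot for review


class GuardedStore:
    """Resource layer; its data is reached only through the monitor."""

    def __init__(self, monitor, files):
        self._monitor, self._files = monitor, dict(files)

    def access(self, subject, name, op, data=None):
        # The permission check runs before the object is touched at all.
        if not self._monitor.check(subject, name, op):
            raise PermissionError(f"{subject} may not {op} {name}")
        if op == "write":
            self._files[name] = data
        return self._files[name]


# Constructed sample policy: (subject, object) -> permitted operations.
SAMPLE_POLICY = {("alice", "payroll.txt"): {"read", "write"},
                 ("bob", "payroll.txt"): {"read"}}
```

Because denied requests are logged as well as granted ones, the audit trail can be compared against the policy to confirm the monitor is behaving as specified.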

Because the concept of a security kernel is so broadly defined, it is not limited to software implementations. The basic security policy can also take the form of a hardware device, such as a smart card system or other hardware add-on. In this arrangement, access to system resources cannot be unlocked unless a specific card is inserted into the computer.

Another technique for implementing a security kernel is a distributed system. In one implementation, known as the Trusted Timely Computing Base (TTCB), the network is viewed as a system that is often susceptible to some form of security breach. Instead of preventing attacks, the TTCB system tolerates intrusions and provides a means to deal with them. With this type of implementation, each network node carries the distributed security kernel, which provides its own secure channel for communication and control.



