KasperskyOS Community Edition 1.1

Examples of binding security model methods to security events

Before analyzing the examples, you should first become familiar with the Base security model.

Processing the initiation of process startups

/* The KasperskyOS kernel and any process

* in the solution is allowed to start any

* process. (No src or dst parameter is given,

* so the binding applies to every

* process-startup event.) */

execute { grant () }

/* The kernel is allowed to start a process

* of the Einit class. (src names the process

* that initiates the startup, dst the class of

* the process being started.) */

execute src=kl.core.Core, dst=Einit { grant () }

/* An Einit-class process is allowed

* to start any process in the solution.

* (No dst parameter, so every startup

* initiated by Einit matches.) */

execute src=Einit { grant () }

Handling the startup of the KasperskyOS kernel

/* The KasperskyOS kernel is allowed to start.

* (This binding is necessary so that the security

* module can be notified of the kernel SID. The kernel starts

* irrespective of whether the solution security policy

* allows or denies it. If the solution security policy

* denies kernel startup, the kernel terminates its

* execution after starting.) */

execute src=kl.core.Core, dst=kl.core.Core { grant () }

Handling IPC request forwarding

/* Any client in the solution is allowed to query

* any server and the KasperskyOS kernel.

* (No parameters: the binding matches every

* IPC request in the solution.) */

request { grant () }

/* A client of the Client class is allowed to query

* any server in the solution and the kernel.

* (Only the source of the request is restricted.) */

request src=Client { grant () }

/* Any client in the solution is allowed to query

* a server of the Server class.

* (Only the destination of the request is restricted.) */

request dst=Server { grant () }

/* A client of the Client class is not allowed to

* query a server of the Server class.

* NOTE(review): a narrower binding for the Ping method

* of the net.Net endpoint follows below; how the Base

* model combines a deny and a grant that both match

* the same request should be confirmed against the

* Base security model description before relying on

* the narrower grant. */

request src=Client dst=Server { deny () }

/* A client of the Client class is allowed to

* query a server of the Server class

* by calling the Ping method of the net.Net endpoint.

* (Both the endpoint and the method are named, so

* this is the most specific request binding here.) */

request src=Client dst=Server endpoint=net.Net method=Ping {

grant ()

}

/* Any client in the solution is allowed to query

* a server of the Server class by calling the Send method

* of the endpoint with the MessExch interface.

* (interface= selects by interface name rather than

* by a specific endpoint name.) */

request dst=Server interface=MessExch method=Send {

grant ()

}

Handling IPC response forwarding

/* A server of the Server class is allowed to respond to

* queries of a Client-class client that

* calls the Ping method of the net.Net endpoint.

* (For a response event, src is the responding server

* and dst is the client that sent the query.) */

response src=Server, dst=Client, endpoint=net.Net, method=Ping {

grant ()

}

/* The server containing the kl.drivers.KIDF component

* that provides endpoints with the monitor interface is allowed to

* respond to queries of a DriverManager-class client

* that uses these endpoints.

* (No src parameter: the server is identified by

* its component and interface instead of its class.) */

response dst=DriverManager component=kl.drivers.KIDF interface=monitor {

grant ()

}

Handling the transmission of IPC responses containing error information

/* A server of the Server class is not allowed to notify a client

* of the Client class regarding errors that occur

* when the client queries the server by calling the

* Ping method of the net.Net endpoint.

* (Error responses are a separate security event from

* ordinary responses and are bound here with "error".) */

error src=Server, dst=Client, endpoint=net.Net, method=Ping {

deny ()

}

Handling queries sent by processes to the Kaspersky Security Module

/* A process of the Sdcard class will receive the

* "granted" decision from the Kaspersky Security Module

* when calling the Register method of the security interface.

* (Using the security interface defined

* in the EDL description.) */

security src=Sdcard, method=Register {

grant ()

}

/* A process of the Sdcard class will receive the "denied" decision

* from the security module when calling the Comp.Register method

* of the security interface. (Using the security interface

* defined in the CDL description; the method name is

* qualified with the component name.) */

security src=Sdcard, method=Comp.Register {

deny ()

}

Using match sections

/* A client of the Client class is allowed to query

* a server of the Server class by calling the Send

* and Receive methods of the net endpoint.

* (The common parameters are given once in the

* binding header; each match section adds the

* method it applies to.) */

request src=Client, dst=Server, endpoint=net {

match method=Send { grant () }

match method=Receive { grant () }

}

/* A client of the Client class is allowed to query

* a server of the Server class by calling the Send

* and Receive methods of the sn.Net endpoint and the Write and

* Read methods of the sn.Storage endpoint.

* (Match sections are nested: the outer level selects

* the endpoint, the inner level the method.) */

request src=Client, dst=Server {

match endpoint=sn.Net {

match method=Send { grant () }

match method=Receive { grant () }

}

match endpoint=sn.Storage {

match method=Write { grant () }

match method=Read { grant () }

}

}

Assigning audit profiles

/* Assigning the default global audit profile

* and an initial audit runtime-level of 0.

* (Bindings that set no audit profile of their

* own use this global profile.) */

audit default = global 0

request src=Client, dst=Server {

/* Assigning a parent audit profile at the level of

* binding methods of security models to

* security events */

audit parent

match endpoint=net.Net, method=Send {

/* Assigning a child audit profile at the

* match section level; it takes precedence

* over the parent profile for this match section. */

audit child

grant ()

}

/* This match section sets no audit profile of

* its own, so the parent audit profile applies. */

match endpoint=net.Net, method=Receive {

grant ()

}

}

/* This binding of the security model method

* to the security event utilizes the

* global audit profile.

* NOTE(review): for a response event, src is the

* responding process (compare the response bindings

* above, where src=Server); here a Client-class process

* responds to a Server-class process — confirm this

* direction is intended. */

response src=Client, dst=Server {

grant ()

}