The Separate Storage example demonstrates use of the Distrustful Decomposition pattern to separate data storage for trusted and untrusted applications.
Example architecture
The Separate Storage example contains two user entities: UserManager and CertificateManager.
These entities work with data stored in the corresponding files:
userlist.txt
certificate.cer
Each of these entities uses its own instance of the VFS entity to access a separate file system. Each VFS entity includes a block device driver linked to an individual logical drive partition. The UserManager entity does not have access to the file system of the CertificateManager entity, and vice versa.
This architecture ensures that if either the UserManager or the CertificateManager entity is compromised or fails, it still cannot reach any file other than those intended for its own operations: the only file system it can access is the one served by its own VFS instance, and that VFS instance is bound to its own partition.
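As an added illustration (not the init description shipped with the Separate Storage example), the following sketch shows how the isolation described above is expressed in a KasperskyOS init description: each manager entity is connected only to its own VFS instance, and each VFS instance is connected only to its own block device driver. The entity, program and driver names (VfsUser, VfsCert, BlockDevUser, BlockDevCert), the interface identifiers, and the mount arguments are assumptions made for this example; the actual names and arguments are defined in the example's own build files.

```yaml
# Added example: init description illustrating Distrustful Decomposition.
# All entity names, interface ids and arguments below are assumed.
entities:

# UserManager can only talk to VfsUser; there is deliberately no
# connection to VfsCert, so it cannot open certificate.cer.
- name: separate_storage.UserManager
  connections:
  - target: separate_storage.VfsUser
    id: kl.VfsFilesystem          # assumed interface id

# CertificateManager can only talk to VfsCert; no connection to VfsUser,
# so it cannot open userlist.txt.
- name: separate_storage.CertificateManager
  connections:
  - target: separate_storage.VfsCert
    id: kl.VfsFilesystem          # assumed interface id

# First VFS instance, bound to its own block device driver / partition.
- name: separate_storage.VfsUser
  path: VfsUser                   # assumed program name
  args:
  - -l
  - "/dev/blk0p0 /userfs ext4 0"  # assumed mount entry for partition 0
  connections:
  - target: separate_storage.BlockDevUser
    id: kl.drivers.BlockDev       # assumed interface id

# Second VFS instance, bound to a different driver / partition.
- name: separate_storage.VfsCert
  path: VfsCert                   # assumed program name
  args:
  - -l
  - "/dev/blk0p1 /certfs ext4 0"  # assumed mount entry for partition 1
  connections:
  - target: separate_storage.BlockDevCert
    id: kl.drivers.BlockDev       # assumed interface id

# One block device driver instance per partition (names assumed).
- name: separate_storage.BlockDevUser
  path: BlockDevUser
- name: separate_storage.BlockDevCert
  path: BlockDevCert
```

The property to check when reviewing such a description is purely structural: no path of connections leads from UserManager to VfsCert or from CertificateManager to VfsUser, so a compromised manager has no channel through which to request files from the other entity's partition, regardless of what it asks for.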
A security policy in the Separate Storage example has the following characteristics:
Building the example
The example is built using the CMake build system that is included in KasperskyOS Community Edition.
Files containing the code of the example and build scripts are available at the following path:
/opt/KasperskyOS-Community-Edition-<version>/examples/separate_storage
To build and run the example, run the following script:
/opt/KasperskyOS-Community-Edition-<version>/examples/separate_storage/cross-build.sh