Call policies and attr policies

KasperskyOS uses two types of security policies: call and attr.

Call policies are the type used more frequently in a security configuration. They return a decision of "allowed" or "denied". In contrast, attr policies return a specific value, such as the current state of a family instance, which is used to select the policies that should be called.

Call policies

A call policy returns a decision of either "allowed" or "denied". An event is allowed if all its associated call policies return a decision of "allowed". Otherwise the event is denied.

For example:

/* The startup of the "server" entity is allowed only if the "flow_instance" and "era_instance" have the "ready_to_start" state. */
execute dst=server {
    flow_instance.allow [ready_to_start];
    era_instance.allow [ready_to_start];
}

Certain call policies can change the state of a family instance. For example, the flow_instance.restart; policy returns the flow_instance to its original state.

The restart policy changes the state of a family instance only if the event is not bound to other policies or if all bound policies returned the decision of "allowed". This rule applies to all policies that change the state of an instance.

Attr policies

An attr policy returns a value that is used by the choice multiple-selection operator (analogous to the switch operator in C). The choice operator lets you link an event to various security policies depending on the value returned by the attr policy.

An example of an attr policy is a state policy that returns the current state of a family instance:

/* When the "resource_driver" entity calls the "is_working" method of the security interface, the state of the "service" instance will be checked.
   If the "service" has the "start" or "process" state, the "is_working" method returns the "allowed" value. Otherwise it returns the "denied" value. */
security src=resource_driver method=is_working {
    choice (service.state) {
        start   : grant;
        process : grant;
        _       : deny;
    }
}
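The decision rules described above (every bound call policy must return "allowed", state changes are applied only when the event as a whole is allowed, and choice selects policies by an attr value) can be modelled in a few lines of Python. This is an added illustration, not KasperskyOS code: the FamilyInstance class, the decide and choice helpers, the "init" and "stopped" state names, and the event that binds restart together with the two allow policies are all assumptions made for the example.

```python
# Illustrative model only; not KasperskyOS code or its API.
ALLOWED, DENIED = "allowed", "denied"

def grant(): return (ALLOWED, None)
def deny(): return (DENIED, None)

class FamilyInstance:
    """Hypothetical stand-in for a family instance with named states."""
    def __init__(self, initial):
        self.initial = self.state = initial

    def allow(self, *states):
        # Call policy: "allowed" only while the instance is in a listed state.
        return lambda: (ALLOWED if self.state in states else DENIED, None)

    def restart(self):
        # State-changing call policy. Assumption: it votes "allowed" itself
        # and only proposes the reset, which decide() applies later.
        def reset(): self.state = self.initial
        return lambda: (ALLOWED, reset)

def decide(policies):
    """Evaluate all call policies bound to one event."""
    results = [policy() for policy in policies]
    if any(decision != ALLOWED for decision, _ in results):
        return DENIED              # one denial denies the event; state untouched
    for _, change in results:
        if change is not None:
            change()               # state changes commit only on full "allowed"
    return ALLOWED

def choice(value, branches, default):
    """Model of the choice operator: select policies by an attr policy's value."""
    return branches.get(value, default)

def is_working(service):
    # Mirrors the second example: service.state is the attr policy's value.
    return decide(choice(service.state, {"start": [grant], "process": [grant]}, [deny]))

def demo():
    flow, era = FamilyInstance("init"), FamilyInstance("init")
    flow.state = "ready_to_start"              # era is still in "init"
    event = [flow.allow("ready_to_start"), era.allow("ready_to_start"), flow.restart()]
    first = (decide(event), flow.state)        # denied, restart not applied
    era.state = "ready_to_start"
    second = (decide(event), flow.state)       # allowed, flow reset to "init"
    return first, second

if __name__ == "__main__":
    print(demo(), is_working(FamilyInstance("start")), is_working(FamilyInstance("stopped")))
```

In the first decision the single "denied" from era blocks both the event and the pending restart, which is the fail-closed behaviour a reviewer should expect when auditing which policies are bound to an event.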
