February 10, 2008   Sign In |  About ebizQ |  Contact Us |  Join ebizQ Gold Club
Andre Yee
Andre Yee's Security Insider
 An open dialogue about security and compliance for the enterprise.

« AOL is Taking AIM at Your Location | Main | Software AG Announces Webmethods Acquisition »

April 03, 2007
The OLPC Security Model - Why We Should Care.

The One Laptop Per Child (OLPC) project is one of the more socially redeeming initiatives from the high tech industry. If you're not familiar with it, OLPC is a non profit initiative to provide laptops to children in the developing world. It's not a new initiative by any means but since 2005, it's gained significant momentum around its immediate goal to create and deliver a $100 laptop to the children of developing nations. It's gained support from industry luminaries like AMD's CEO Hector Ruiz.

Now what does this have to do with security? As you might imagine, potentially placing inexpensive laptops in the hands of hundreds of millions of children and then protecting them from all kinds of malware might pose a significant challenge. Students need to be able to download and use software as needed but be free from the threat of viruses, worms and Trojans.

Ivan Krstić, Director of Security for OLPC, has developed a security model called BitFrost that is very interesting and highly workable. He released the security model at the RSA Data Security Conference earlier this year. The premise for the security model is that programs should execute with a minimal, necessary set of privileges rather than the default privileges of the user. As an example, this means that the built-in calculator program in Windows should not be able to access the Internet or delete files. Instead of taking the traditional security approach of "looking for the bad stuff and eliminating it", BitFrost constrains the privileges of any application to a minimal set necessary for its basic operation, essentially creating a safe sandbox in which to operate.

This approach is by no means unique to BitFrost but I believe it's a key step toward safer operating environments. Let's hope this innovative approach isn't just limited to students in developing countries but will find its way to laptops running Windows in corporate America as well.

Posted by andreyee in Odds and Ends |Digg This|Add to del.icio.us

Trackback Pings

TrackBack URL for this entry:
http://www.ebizq.net/mt/mt-tb.cgi/1635

Comments Post a comment




Remember Me?

(you may use HTML tags for style)

We ask that you type your code (displayed below) in the text box.This code is an image that cannot be read by a machine. It prevents automated programs from submitting comments.


Code:



Most Recent ebizQ Blog Entries
ADVERTISEMENT
RSS Subscription

Recent Posts
Categories
Archives
Blog Roll
This Work
Accountability:The opinions expressed in this blog are solely representative of the blog's author, and not of ebizQ
Subscribe to our Newsletters
ebizQ Weekly Gold Club Update
Live Webinar Updates
Updates from ebizQ Partners
ebizQ SOA Update
ebizQ BPM Update
ebizQ Security Update
ebizQ BI Update
ebizQ Open Source Software Update
Virtual Show Newsletter
Your E-mail Address:
BAM: The Killer App for CEP
Date: Feb 12, 2008
Time: 12:00 PM ET
(17:00 GMT)
I WANT TO ATTEND
Event Processing Market Pulse
Date: Feb 14, 2008
Time: 12:00 PM ET
(17:00 GMT)
I WANT TO ATTEND
Archived Webinars | Upcoming Webinars

Marketing Solutions | Feedback | About ebizQ | Unsubscribe | Privacy Policy | Site Map