Ozone Technology

Ozone consists of software agents and a central management console that is used to administer them.

Ozone agents are installed on all computer systems requiring protection. Agents enforce security policies, enabling security managers to specify what computers, applications and users are allowed to do.

For example, using Ozone, a security manager can specify that user John Smith using computer #2 is allowed to access a corporate database, but is not allowed to connect to the Internet. Similarly, user Jane Brown using computer #13 is allowed to browse the Internet, but is not allowed to install any new applications or copy data onto USB removable drives.

Agent Technology

Ozone agents incorporate process-based mandatory access control technology.

The agents consist of multiple security rings that closely integrate with each other.

You may download the Ozone agent on an unlimited trial basis. Contact us at info@secarch.com for more information.

Memory Protection Ring

Provides transparent protection against memory-related attacks such as buffer overflows. Because the protection is transparent, all applications continue to function as normal, but are protected from memory corruption attacks. These types of security bugs were responsible for the spate of recent worms such as Sasser and Witty.

System Protection Ring

Protects the underlying operating system against low-level attacks such as privilege escalation and rootkit installation. These types of security problems can be abused by attackers to gain unauthorized privileges, as well as to install backdoors.

Process Protection Ring

Protects processes by executing them inside a virtual ‘sandbox’ from which they cannot escape and cause damage. This ring enforces the ‘Least Privilege’ security principle, which states that a user or a computer program should be given the least amount of privileges necessary in order to perform its job.

For example, Internet Explorer will be allowed to browse web pages but it will not be allowed to overwrite system files, execute untrusted programs or do anything else it is not explicitly allowed to. Similarly, a Terminal Server user might be allowed to use Microsoft Word but will not be allowed to browse the Internet.

Application Protection Ring

Provides application-specific protection against high-level attacks such as HTTP cross-site scripting, SMTP-based attacks and SQL injection.

Copyright Security Architects.  ©  1999-2009. All rights reserved.