| 摘要 |
<p>Techniques are disclosed to provide security for graphical user interface elements being displayed in a system in which a first, host operating system is used along with a second, high assurance operating system, where the first system provides at least some of the infrastructure for the second system. Graphical user interface elements associated with the high-assurance operating system are prevented from being obscured and from any partial transparency. Additionally, a piece of secret information is stored which can be displayed upon command by graphical user interface elements associated with the high-assurance operating system. Coordinating certain elements of the display of all graphical user interface elements associated with the high assurance operating system also helps to identify legitimate elements associated with the high assurance operating system, as opposed to impostor elements which are not. Where a windowing system is used, public title information is furnished to a host operating system windowing system to identify a window owned by a process running on a high-assurance operating system. Private title information associated with the same window is used only in the high assurance operating system. <IMAGE></p> |
