http://www.oracle.com/technetwork/articles/servers-storage-a...
https://en.wikipedia.org/wiki/Solaris_Trusted_Extensions
The whole idea of encapsulated data paths with labeled domains, etc. were all pioneered first in Solaris.
The unique spin here with Qubes OS seems to be do something similar, but using virtualization.
They actually came from the high assurance field that created the Orange and Red Books for endpoints and networking respectively. Earliest, fielded systems like that were in the mid-80's. Later, since nobody wanted real security, they dropped the assurance but kept & expanded features in so-called Compartmented Mode Workstations described here:
http://web.ornl.gov/~jar/doecmw.pdf
Trusted Solaris, which started as Sun MLS, conformed to low-to-mid grade of Orange Book:
http://www.cse.psu.edu/~trj1/cse544-s10/slides/cse544-lec12-...
Others included Trusted IRIX, SEVMS version of OpenVMS, Trusted Xenix around same time as Sun MLS, and so on. Many of those weak OS's with security retrofits. Today, there's Argus Pitbull, Trustifier, maybe others I don't know about.
Over time, due to security failures, DOD once again wanted high assurance desktops built on secure isolation. Turned to separation kernels (MILS) built to high assurance requirements. INTEGRITY-178B, LynxSecure, and VxWorks MILS built on that model with labeled, color-defined, virtualized desktops showing up starting around 2005. Nizza security architecture and TUDOS demo did stuff similar to high-assurance work for OSS in 2005-2006. QubesOS showed up later building on insecure Xen stack w/ VM-level separation and CMW-like features. GenodeOS built on Nizza/TUDOS work around 2007 while continuing to integrate high-assurance stuff like seL4 where possible.
So, no, Sun didn't invent these concepts or even design a high assurance system that I'm aware of. It was SCOMP, GEMSOS, XTS-300, and likely Trusted Xenix that proved most of the concepts out. Sun copied and improved on a watered down version of that. Separation kernels like INTEGRITY-178B and architectures like Nizza showed how it was supposed to be done. Then, Qubes later copied CMW's w/ a weak virtualization scheme and components but better usability (administration & hardware support) than separation kernels.
There's the lineage and history lesson for you.
Solaris contains the only surviving commercial implementation that I'm aware of that is still available and being updated and was last shipping in Solaris 11.3.
As far as I know, Solaris is also the last general (not tied to specific hardware), commercial UNIX.
Yes, we can nitpick all day about certification levels, but I never mentioned any of that.
Your statement implies they came up with it, led the way, first to market... stuff like that. They didn't on any count. They did end up with highest market share for CMW's and so-called Trusted OS's. They were copycats on the important stuff, though. Not pioneers. They played it pretty safe.
"Solaris contains the only surviving commercial implementation that I'm aware of that is still available and being updated and was last shipping in Solaris 11.3."
RHEL w/ SELinux and security add-ons. Argus on Solaris and Linux. Trustifier on Linux. Seems like there's four on two OS's depending on your measurement.
"Yes, we can nitpick all day about certification levels, but I never mentioned any of that."
You definitely didn't. The product you referenced wouldn't have been on the evaluated products list on any high standard had you referenced one. It would also look like a knockoff of stuff before it with selective advances. Referencing certification levels or criteria would've defeated your point when people read what was in those. Smart move.