Developing a high assurance multilevel mail server
Loading...
Authors
Eads, Bradley R.
Subjects
Advisors
Irvine, Cynthia E.
Warren, Daniel F.
Date of Issue
1999-03
Date
March, 1999
Publisher
Monterey, California. Naval Postgraduate School
Language
en_US
Abstract
Electronic mail (email) often contains sensitive information, which requires special handling to prevent accidental disclosure to unauthorized personnel. Using multiple systems operating at different classifications has caused a number of inefficiencies in the way email is managed and distributed. Attachments in emails have increased the likelihood that a "Trojan Horse" could be inserted in the system to obtain unauthorized access to information. To address this problem Commercial Off-The-Shelf (COTS) software for Internet Message Access Protocol (IMAP), a mail server protocol, has been adapted to a high assurance multilevel base, the Wang Federal XTS-300. The XTS-300 constrains information flow permitting information at different sensitivity levels to be stored securely. Controlled access to mail is provided to client workstations. Enhanced with a trusted computing base extension, these COTS IBM PC compatibles run a standard office productivity suite. This architecture eliminates the risk that a "Trojan horse" will pass higher sensitivity information to a lower sensitivity level.
Type
Thesis
Description
Series/Report No
Department
Computer Science
Organization
Identifiers
NPS Report Number
Sponsors
Funding
Format
x, 115 p.;28 cm.
Citation
Distribution Statement
Approved for public release; distribution is unlimited.