Design of a High Assurance, Multilevel Secure Mail Server (HAMMS)

Abstract

Computer systems employed in the Department of Defense (DoD) for processing classified electronic mail (email) generally operate at the highest classification level of the data being processed. These system high implementations cause two significant problems: all users must be granted unnecessarily high security clearances, and separate, incompatible workstations and networks exist for users to process classified data at different security levels. To solve these problems a System/Subsystem Specification (SSS) and a System Security Engineering (SSE) approach has been used to design a High Assurance, Multilevel Secure Mail Server (HAMMS). This thesis presents the architecture, mailing capabilities, and required design characteristics necessary to develop a high assurance mail server. Existing high assurance and information security systems are analyzed to identify related design advantages and disadvantages for a high assurance mail sever. Also included is the initialization, adaptation, and employment of a media encryption device and associated software that will be adapted to extend secure mail operations to a Commercial Off The Shelf (COTS) workstation