Framework for a high-assurance security extension to commercial network clients
Loading...
Authors
Balmer, Steven R.
Subjects
Advisors
Irvine, Cynthia E.
Date of Issue
1999-09
Date
September, 1999
Publisher
Monterey, California. Naval Postgraduate School
Language
en_US
Abstract
The Department of Defense and U.S. Government have an identified need to securely share information classified at differing security levels. Because there exist no commercial solutions to this problem, NPS is developing a Multilevel Secure Local Area Network (MLS LAN). The MLS LAN extends the high assurance capabilities of an evaluated multilevel secure system to commercial personal computers (PCs) running commercial operating systems and office productivity software by using a Trusted Computing Base Extension (TCBE). The TCBE is intended to provide trusted path and object reuse supporting services to the network TCB. This thesis describes the physical interfaces required for the TCBE to complete a trusted path and control the client PC. Potential implementations for each interface are suggested and analyzed for security implications. Also presented is a detailed analysis of methods for delivering the Windows NT operating system (including the suitability of Terminal Server Edition) to the client PC in the MLS LAN with high assurance of properly controlled object reuse and operating system integrity.
Type
Thesis
Description
Series/Report No
Department
Computer Science
Organization
Identifiers
NPS Report Number
Sponsors
Funding
Format
xii, 105 p.;28 cm.
Citation
Distribution Statement
Approved for public release; distribution is unlimited.