Analysis for a trusted computing base extension prototype board

Authors
Turan, Bora
Advisors
Irvine, Cynthia E.
Date of Issue
2000-03
Date
March, 2000
Publisher
Monterey, California. Naval Postgraduate School
Language
en_US
Abstract
Agencies, institutions, and individuals are demanding the use of commercial-off-the-shelf systems and cannot enforce mandatory security policies with these systems, which are equipped only with discretionary access controls. An inexpensive implementation of a multilevel secure local area network utilizing commercial-off-the-shelf hardware and software does not exist. The Naval Postgraduate School (NPS) is developing a Multilevel Secure Local Area Network (MLS LAN) to provide secure information sharing, classified at different security levels. The MLS LAN extends the high assurance of an evaluated multilevel secure system to a LAN that is formed by commercial personal computers (PCs) running commercial operating systems and office productivity software. The MLS LAN accomplishes the defined functionality by using custom boards which are designed to be plugged into personal computers. The boards are named the Trusted Computing Base Extension (TCBE). The TCBE is intended to provide trusted path and object reuse supporting services to the network TCB. This thesis describes the hardware and software components, structures, and interfaces required for the TCBE to complete a trusted path and control the client PC. Potential implementations are suggested and analyzed for security implications. A preliminary TCBE prototype has been constructed and tested for selected TCBE functions. It is shown that the TCBE prototype can be made both non-by-passable and tamper resistant.
Type
Thesis
Department
Electrical Engineering
Format
xi, 106 p.; 28 cm.
Distribution Statement
Approved for public release; distribution is unlimited.