Analysis of mechanisms for TCBE control of object reuse in clients

Loading...
Thumbnail Image
Authors
Agacayak, Cihan.
Subjects
NA
Advisors
Irvine, Cynthia E.
Date of Issue
2000-03
Date
Publisher
Monterey, California. Naval Postgraduate School
Language
en_US
Abstract
This study contributes to the realization of a high assurance Multilevel Secure Local Area Network. The system consists of a Trusted Computing Base (TCB) that acts as a server base. Clients are COTS workstations and software, augmented with a hardware-based TCB Extension (TCBE). This work concentrates on object reuse control on the client, which is one of the security services to be provided by the TCBE. Object reuse mechanisms are designed to assure that sensitive information does not persist across sessions or session level changes. We analyzed 29 chips on the PC motherboard. We proposed and evaluated possible solutions for object reuse control of four storage areas: main memory, AGP memory, cache and Real Time Clock (RTC) memory. The feasibility of one proposed solution was demonstrated. We found that main memory can be cleared by slowing its refresh rate. It was determined that AGP memory cannot be read out by devices on the PCI and ISA bus. The Intel INVD command can be used to clear cache. RTC memory can be accessed and its integrity checked by TCBE software. This study establishes a foundation for object reuse control efforts targeting COTS PC products manufactured by various vendors.
Type
Thesis
Description
Series/Report No
Department
Electrical Engineering
Organization
Identifiers
NPS Report Number
Sponsors
Funder
NA
Format
xiv, 113 p.;28 cm.
Citation
Distribution Statement
Approved for public release; distribution is unlimited.
Rights
Collections