IP services design and implementation in a prototype device for transient tactical access to sensitive information

Abstract

In network-centric warfare, access to critical information can result in a strategic advantage. During critical situations, a soldier using tactical devices may need transient access to information beyond their normal clearances. The Least Privilege Separation Kernel (LPSK) being developed at the Naval Postgraduate School, can be the basis of an extended multilevel security (MLS) system that can support and control such access. A Trusted Services Layer (TSL), which depends on the LPSK, provides support for various multilevel security services. Currently, the LPSK lacks a software network stack for networking communications. Without networking functionality, tactical devices cannot share vital situational updates and information superiority is unattainable. An Internet Protocol (IP) stack was proposed for the LPSK-based system. The IP stack is to be implemented in the context of the LPSK architecture, which uses modularity and layering to organize its software. Open source implementations of the IP stack were evaluated to leverage the common functionality required by all IP stacks. Lightweight Internet Protocol (LWIP) was selected as a starting point for use with the LPSK. LWIP required modifications for use with the LPSK. The IP stack and a proof of concept networking demonstration were successfully implemented in this project.