MYSEA: An Approach to Building High Assurance Composite System for Cloud Computing
Abstract
The need for highly robust enterprise-level architectures that implement multi-domain information protection mechanisms is widespread and growing, especially in the context of cloud computing, which promotes dynamicity, scalability and collaboration across domains and organizations.
The Monterey Security Architecture (MYSEA) addresses this need by integrating cloud computing functionality with the strong security properties required by a highly robust multi-domain system. The MYSEA architecture combines highly trustworthy multilevel secure servers and special-purpose multi-domain authentication components to provide centralized cross-domain security policy enforcement. Users can continue to use commodity workstations and familiar web-based applications for collaboration and access to data across domains. MYSEA's security features include strong cross-domain access controls, protection of system assets (data and services) with different security classifications, resource isolation, service replication and dynamic control of Quality of Security Service attributes.
The MYSEA cloud is oriented towards the Cloud Software as a Service (SaaS) model and supports many characteristics associated with cloud computing, including broad network access, resource pooling and measured services. In terms of ownership, administrative domain, and availability to a larger community, the MYSEA cloud is deployable as a private cloud, a community cloud, or a hybrid cloud.
The MYSEA design requires that both the MYSEA servers and special-purpose authentication components run on high assurance trusted foundations. The MYSEA server currently runs on an EAL5-augmented trusted platform (i.e., BAE XTS-400) and the special-purpose authentication components are being designed to run on a Least Privilege Separation Kernel that is targeted for an EAL7 evaluation. The MYSEA Target of Evaluation (TOE) Security Functionality (TSF) is comprised of trusted processes of both the MYSEA server and authentication components. This paper describes the MYSEA TOE architecture, including both physical and logical boundaries, the composition of TSF and non-TSF processes, and MYSEA's approach for building high assurance composite multilevel secure systems.
Description
International Common Criteria Conference 2010
Rights
This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.