LOCK - A trusted computing system

July 18th 2007

The LOCK project (short for LOgical Coprocessing Kernel) developed a “trusted computing system” that implemented multilevel security. LOCK was intended to exceed the requirements for an “A1” system as defined by the old Trusted Computing System Evaluation Criteria (a.k.a. the TCSEC or “Orange Book”).

Posted under Information Security

Observations on Multi-Level Security

June 18th 2007

November 1, 2005

Several years ago I was at a workshop sponsored by the Air Force to develop some new directions for information systems improvements. The workshop included both “end user” representatives from the Air Force and “R&D” representatives from laboratories and government contractors.

Discussions on MLS capabilities became rather heated. One vendor representative from the security working group declared the following in a plenary session:

“Don’t ask for MLS. We’ve tried to give you MLS, but in fact you’ve never really wanted it or used it. But please, tell us what you do want!”

A voice in the back shouted, “MLS!”
