April 20th 2008
I have moved some material about multilevel security (MLS) and ‘cross domain systems’ (CDS) onto this web site from my old Cryptosmith site. I’ve also included some brief comments on CDS. There is also a link to my MLS Introduction, which I will be updating and migrating to this site over the next few months.
I’m not collecting comments on static pages if I can help it, so if you have the need to comment on my MLS or CDS materials, post the comment here.
July 18th 2007
The LOCK project (short for LOgical Coprocessing Kernel) developed a “trusted computing system” that implemented multilevel security. LOCK was intended to exceed the requirements for an “A1″ system as defined by the old Trusted Computing System Evaluation Criteria (a.k.a. the TCSEC or “Orange Book”). Continue Reading »
July 7th 2007
Anderson, J.P. (1972). Computer Security Technology Planning Study Volume II, ESD-TR-73-51, Vol. II. Bedford, MA: Electronic Systems Division, Air Force Systems Command, Hanscom Field. Available at: http://csrc.nist.gov/publications/history/ande72.pdf (Date of access: August 1, 2004).
Bell, D.D. and L.J. La Padula (1974). Secure Computer System: Unified Exposition and Multics Interpretation, ESD-TR-75-306. Bedford, MA: ESD/AFSC, Hanscom AFB. Available at: http://csrc.nist.gov/publications/history/bell76.pdf (Date of access: August 1, 2004).
July 7th 2007
accreditation - approval granted to a computer system to perform a critical, defense-related application. The accreditation is usually granted by a senior military commander.
assurance - a set of processes, tests, and analyses performed on a computing system to ensure that it fulfills its most critical operating and security requirements.