Security Dynamics Access Control Encryption System

Abstract

The Access Control Encryption (ACE) system has been evaluated by the National Computer Security Center (NCSC). ACE is considered to be a security sub-system rather than a complete trusted computer system, therefore it was evaluated against a relevant subset of the requirements from the DEPARTMENT OF DEFENSE TRUSTED COMPUTER SYSTEM EVALUATION CRITERIA (Criteria). This subset includes identification & authentication (I & A) and audit. Additionally, ACE implements a technology to reliably verify an authenticated connection. The NCSC evaluation team has determined that ACE is capable of applying these security features to any system that uses standard communication channels. ACE maintains user I & A by requiring each user to enter a proper passcode prior to granting access to the host system or, in the case of an ACE administrator, to the ACE system maintenance menus. The authenticated connection, achieved by requiring the Access Control Maintenance (ACM) to authenticate itself to the user, provides some assurance to users that they are responding to ACE and not to a personal identification number spoofing program. Audit records can be created for virtually everything associated with the ACM, including attempted connections to the host and any ACE system maintenance that occurs.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Mar 31, 1987
Accession Number
ADA208035

Entities

People

  • James L. Arnold
  • Thomas A. Ambrosi
  • William B. Geer

Tags

DTIC Thesaurus Topics

  • Authentication
  • Classification
  • Communication Channels
  • Computer Access Control
  • Computers
  • Control Systems
  • Cryptography
  • Cybersecurity
  • Department Of Defense
  • Dynamics
  • Governments
  • Identification
  • Maintenance
  • National Governments
  • Security
  • Standards
  • Test And Evaluation

Fields of Study

  • Computer science

Readers

  • Computer Science.
  • Cybersecurity.

Technology Areas

  • Cyber