Sub-System Evaluation Report on Cortana Systems Corporation Cortana Personal Computer Security System, Version 1.21
Abstract
The Cortana Personal Computer Security System Version 1.21 has been evaluated by the National Computer Security Center (NCSC). The Cortana Personal Computer Security System is considered to be a security sub-system rather than a complete trusted computer system. Therefore, it was evaluated against a relevant subset of the requirements in the Department of Defense Trusted Computer System Evaluation Criteria (TCSEC), dated December 1985. Specifically, the features included in this evaluation are Identification and Authentication (I&A), Discretionary Access Control (DAC), Object Reuse, and Audit. The NCSC evaluation team has determined that the Cortana Personal Computer Security System may be capable of applying these security features to any IBM PC/AT PC/XT when configured with the appropriate restrictions. The Cortana Personal Computer Security System maintains I&A by requiring that users identify themselves and provide authentication before gaining access to the computer. DAC is provided on individual user's files through the use of address translation. By supplying a utility that over-writes files, the object reuse mechanism gives assurance that data may not be able to be scavenged. In addition, the Cortana Personal Computer Security System provides the means to audit workstation activity, including attempts to violate the security of the system.
Document Details
- Document Type
- Technical Report
- Publication Date
- Feb 18, 1988
- Accession Number
- ADA208047
Entities
People
- Donald N. Dasher
- John W. Taylor
- Stephen F. Carlton