Computer Security Corporation Sentinel Version 3.13
Abstract
The Sentinel Security System product has been evaluated by the National Computer Security Center (NCSC). Since Sentinel is considered to be a security sub-system, rather than a complete trusted computer system, it was evaluated against a relevant subset of the requirements in the Department of Defense Trusted Computer System Evaluation Criteria (Criteria), data December 1985. The subset for this product includes identification and authentication, discretionary access control, and audit. The NCSC evaluation team has determined that Sentinel, when configured as tested, is capable of applying these security features to data stored on the non-removable hard disk of an IBM PC/XT(1). Sentinel implements user identification and authentication by requiring each user to enter valid password, prior to allowing access to the protected machine. Sentinel maintains discretionary access control by mediating all accesses to files (protected objects). Sentinel maintains an audit of user actions during the validation of system and object access. The security mechanisms can be maintained only if both the operating system in which Sentinel runs, and Sentinel's operational files are protected from unauthorized modification. Since Sentinel's protection mechanisms are implemented in single-state machine hardware, it becomes essential that user/system separation by maintained. (kr)
Document Details
- Document Type
- Technical Report
- Publication Date
- Jul 13, 1987
- Accession Number
- ADA221813
Entities
People
- Joseph Bulger
- Leon Neufeld