Final Evaluation Report of Computer Security Corporation: Citadel.

Abstract

The Citadel Security product has been evaluated by the National Computer Security Center (NCSC). Citadel is considered to be a sub-system rather than a complete trusted computer system. Therefore, it was evaluated against a relevant subset of the requirements in the Department of Defense Trusted Computer System Evaluation Criteria, dated December 1985. Specifically, the subset for this evaluation included identification & authentication (I&A), discretionary access control, and audit requirements. The NCSC evaluation team has determined that Citadel, when configured as tested, is capable of providing additional protection mechanisms for the IBM/PC/XT and PC/AT. Citadel requires each user to enter a user ID and a valid password in order to gain access to the computer. Citadel maintains discretionary access control by mediating access to files. In addition, Citadel has the capability to audit system activity. Sub-systems are intended to be implemented on automatic data processing (ADP) systems. Specifically, sub-systems are designed to add a level of assurance to an ADP system that has limited or ineffective security mechanisms.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Sep 01, 1988
Accession Number
ADA234721

Entities

People

  • Caralyn A. Crescenzi
  • Michael J. Oehler
  • Randy S. Smith

Tags

Communities of Interest

  • Energy and Power Technologies

DTIC Thesaurus Topics

  • Authentication
  • Circuit Boards
  • Computer Access Control
  • Computer Programming
  • Computer Security Products
  • Computers
  • Corporations
  • Cryptography
  • Cybersecurity
  • Data Processing
  • Department Of Defense
  • Identification
  • Manuals
  • National Security
  • Operating Systems
  • Security
  • User Manuals

Fields of Study

  • Computer science

Readers

  • Cybersecurity.

Technology Areas

  • Cyber