Assessing DoD Goal Security Architecture (DGSA) Support in Commercially Available Operating Systems and Hardware Platforms
Abstract
Acceptance of the DoD Goal Security Architecture (DGSA) has been hindered by the fact that no implementation of a system embodying all aspects of the DGSA has been delivered, and many believe that such an implementation is impossible on currently available computing systems. We address those concerns in this report of our investigation of how the DGSA might be implemented using a commercial available operating system, rusted Information Systems' Trusted Mach (Tmach). This report first develops formal definitions for concepts defined in the DGSA and provides a model to describe implementation in the distributed case. It then extends the concepts in GSA to describe features needed in the computational process. Next, a DGSA-style security architecture is created by describing a mission statement and developing a security policy and a set of components that support the mission. It then discusses the management of security services. Next, it discusses' 'Macand describes how 'Mach mechanisms are a located to security services required by the security policy. Finally, it discusses areas of DGSA that 'Mach does not support, areas of DGSA that need refinement for purpose of implementation, and recommendations one further development of the DGSA.
Document Details
- Document Type
- Technical Report
- Publication Date
- Nov 01, 1997
- Accession Number
- ADA349992
Entities
People
- Edward A. Feustel
- Edward A. Scneider
- Ronald S. Ross
Organizations
- Institute for Defense Analyses