A Trusted Connection Framework for Multilevel Secure Local Area Networks
Abstract
The Naval Postgraduate School is developing a Multilevel Secure Local Area Network (MLS LAN) that incorporates commercial-off-the-shelf client workstations to provide multiple users with simultaneous secure access to stored data of different sensitivity levels. The MLS LAN uses a Trusted Computing Base Extension (TCBE) in the LAN's client workstations to extend the TCB from the trusted server across the network to these workstations. Connections between elements of the LAN are under TCB control and are conducted by way of several new communications protocols. Using a realistic System Requirements Document and a High Level Protocol Analysis, this thesis presents a framework of communications protocols that will enable the components of the MLS LAN to securely interact. The framework first presents a communications channel protocol that protects all data transmitted on the network. Following this, three other protocols are described that enable MLS LAN users to safely log in and negotiate a secure session, to access Application Protocol Servers that provide services such as e-mail or WWW services, and to use typical LAN-based office automation services. Finally, an analysis of both TLS and IPSec is presented, which provides evidence that IPSec is best suited to provide MLS LAN communications protection.
Document Details
- Document Type: Technical Report
- Publication Date: Jun 01, 2000
- Accession Number: ADA380769
Entities
People
- Jeffery D. Wilson
Organizations
- Naval Postgraduate School