Integrating a Trusted Computing Base Extension Server and Secure Session Server into the LINUX Operating System

Abstract

The Multilevel Secure Local Area Network (MLS LAN) Project at the Naval Postgraduate School's Center for Information Security (INFOSEC) Studies and Research (NPS CISR) is building a trusted network system that is both necessary and sufficient to provide a multilevel networking solution for real world use. The current configuration provides the necessary trusted network services on the TCSEC Class B-3 evaluated XTS-300, which is a combination of the STOP version 4.4.2 multilevel secure operating system, and a Wang-supplied Intel x86 hardware base. The interface for the STOP operating is based on the System V.3 UNIX implementation System V.3 lacks many of features available in more modern UNIX implementations such as System V.4 and BSD 4.3, and also lacks many of the features in POSIX and ANSI C standards, Finally, the CPU is several generations older than the more current Intel processors. This thesis discusses the port of several MLS trusted network services on the XTS-300 to a Linux operating system running on an Intel Pentium Processor, The new Linux TCBE Server configuration will permit further experimentation with MLS architectural issues in a more modern, flexible and easily modifiable environment The port was accomplished by identifying and modifying the necessary software modules needed, to adapt to a Linux environment This thesis proves that XTS-300 TCB services can be ported to Linux system without any negative effects on performance thus allowing a move toward a more security enhanced implementation.

Document Details

Document Type

Technical Report

Publication Date

Sep 01, 2001

Accession Number

ADA397015

Entities

Tags