Simultaneous Connection Management and Protection in a Distributed Multilevel Security Environment
Abstract
The Naval Postgraduate School Center for Information Systems Security Studies and Research (CISR) is designing and developing a distributed multilevel secure (MLS) network known as the Monterey Security Architecture (MYSEA). MYSEA will permit the delivery of unmodified commercial off-the-shelf productivity software applications and data from a large number of single-level network domains (e.g., NIPRNET, SIPRNET, JWICS) to a trusted distributed operating environment that enforces MLS policies. Fulfilling the goal of MYSEA requires the analysis and development of a communications framework that supports connections between multiple MLS servers and a set of high-assurance network appliances supporting simultaneous access to multiple single-level networks and their concurrent connection management. To enable this functionality, modifications to the existing MYSEA server, the development of a new high-assurance communications security device called the Trusted Channel Module (TCM), and the implementation of a trusted channel between the MYSEA server and the TCM are required. This document specifies a framework for incorporating the high-level design of the TCM, several trusted daemons and databases, and a trusted channel protocol into MYSEA to enable a distributed MLS environment.
Document Details
- Document Type: Technical Report
- Publication Date: Sep 01, 2004
- Accession Number: ADA427538
Entities
People
- Joseph D. Sears
Organizations
- Naval Postgraduate School