An Analysis of Three Kernel-based Multilevel Security Architectures

Abstract

Various system architectures have been proposed for highly robust enforcement of multilevel security (MLS). This paper provides an analysis of the relative merits of three architectural types one based on a traditional separation kernel, another based on a security kernel, and a third based on a high-robustness separation kernel. We show that by taking advantage of commonly available hardware features, and incorporating security features required by the nascent Separation Kernel Protection Profile (SKPP), the latter architecture may provide several aspects of security and assurance that are not achievable with the other two.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Aug 01, 2006
Accession Number
ADA456259

Entities

People

  • Cynthia E. Irvine
  • Thuy D. Nguyen
  • Timothy E. Levin

Organizations

  • Naval Postgraduate School

Tags

Communities of Interest

  • Cyber
  • Space

DTIC Thesaurus Topics

  • Abstracts
  • Application Software
  • Authentication
  • California
  • Computer Access Control
  • Computer Science
  • Computers
  • Computing System Architectures
  • Cybersecurity
  • Global Information Grid
  • Information Assurance
  • Information Operations
  • Information Systems
  • National Security
  • Operating Systems
  • Resource Management
  • Security

Fields of Study

  • Computer science

Readers

  • Computer Vision.
  • Cybersecurity.