Analysis of Three Multilevel Security Architectures

Abstract

Various system architectures have been proposed for high assurance enforcement of multilevel security. This paper provides an analysis of the relative merits of three architectural types: one based on a security kernel, another based on a traditional separation kernel, and a third based on a least-privilege separation kernel. We introduce the Least Privilege architecture, which incorporates security features from the recent Separation Kernel Protection Profile, and show how it can provide several unique aspects of security and assurance, although each architecture has advantages.

Document Details

  • Document Type: Technical Report
  • Publication Date: Nov 01, 2007
  • Accession Number: ADA484370

Entities

People

  • Clark Weissman
  • Cynthia E. Irvine
  • Thuy D. Nguyen
  • Timothy E. Levin

Organizations

  • Naval Postgraduate School

Tags

Communities of Interest

  • Human Systems

DTIC Thesaurus Topics

  • Abstracts
  • Application Software
  • Authentication
  • Base Flow
  • Communication Systems
  • Computer Access Control
  • Computer Programming
  • Computer Programs
  • Computers
  • Computing System Architectures
  • Construction
  • Engineering
  • Operating Systems
  • Software Development
  • Standards
  • Validation
  • Verification

Fields of Study

  • Computer science

Readers

  • Approximation Theory
  • Computer Networking
  • Criminal Law