A Security Architecture for Transient Trust

Abstract

In extraordinary situations, certain individuals may require access to information for which they are not normally authorized. For example, to facilitate rescue of people trapped inside of a burning building, firefighters may need its detailed floor plan -- information that may not typically be accessible to emergency responders. Thus, it is necessary to provide transient trust so that such sensitive information is available to selected individuals only during the emergency. The architecture presented here is designed to support transient trust. It encompasses pre-positioned, updateable domains for use exclusively during emergencies along with a set of "normal" domains with different sensitivity levels. Allocated to partitions, these domains are entered via a high integrity trusted path service located in a separate trusted partition. Interaction among subjects in different partitions is controlled by a high assurance separation kernel, and efficient use of devices is achieved through the application of a three-part device model. The resulting architecture enforces mandatory security policies, yet ensures secure and revocable access to a class of information during declared emergencies.

Document Details

Document Type: Technical Report
Publication Date: Oct 01, 2008
Accession Number: ADA511943

Entities

People

  • Cynthia E. Irvine
  • Paul C. Clark
  • Thuy D. Nguyen
  • Timothy E. Levin

Organizations

  • Naval Postgraduate School

Tags

Communities of Interest

  • Cyber

DTIC Thesaurus Topics

  • Abstracts
  • Communication Channels
  • Computer Programming
  • Computers
  • Department Of Homeland Security
  • Emergencies
  • Emergency Response
  • Engineering
  • First Responders
  • Governments
  • Information Exchange
  • Operating Systems
  • Personal Digital Assistants
  • Prototypes
  • Security
  • Sensitivity
  • Virtualization

Readers

  • Cybersecurity.
  • Nuclear Civil Defense.
  • Optical Physics and Photonics.