Journal Article

Compartmented mode workstation: prototype highlights

TLDR
The primary goal of the MITRE compartmented mode workstation (CMW) project was to articulate the security requirements that workstations must meet to process highly classified intelligence data, and a prototype was implemented which demonstrated that workstations could meet the requirements in an operationally useful manner while still remaining binary compatible with off-the-shelf software.
Abstract
The primary goal of the MITRE compartmented mode workstation (CMW) project was to articulate the security requirements that workstations must meet to process highly classified intelligence data. As a basis for the validity of the requirements developed, a prototype was implemented which demonstrated that workstations could meet the requirements in an operationally useful manner while still remaining binary compatible with off-the-shelf software. The security requirements not only addressed traditional security concerns but also introduced concepts in areas such as labeling and the use of a trusted window management system. The CMW labeling paradigm is based on associating two types of security labels with objects: sensitivity levels and information labels. Sensitivity levels describe the levels at which objects must be protected. Information labels are used to prevent data overclassification and also provide a mechanism for associating with data those markings that are required for accurate data labeling, but which play no role in access control decisions. The use of a trusted window manager allows users to easily operate at multiple sensitivity levels and provides a convenient mechanism for communicating security information to users in a relatively unobtrusive manner.


Citations
Proceedings Article

Trusted Paths for Browsers

TL;DR: In this article, the authors examine the potential for malicious servers to impersonate honest servers and show how malicious servers can still do this and can also forge the existence of an SSL session and the contents of the alleged server certificate.
Patent

System for providing a trustworthy user interface

TL;DR: The preferred embodiment of the invention comprises a computer system which employs a trusted display processor (260), which has a trusted processor (300) and trusted memory (305, 315, 335, 345) physically and functionally distinct from the processor and memory of the computer system as mentioned in this paper.
Patent

Apparatus and method for creating a trusted environment

TL;DR: In this article, the authors present a computer system for creating a trusted environment comprising a trusted device arranged to acquire a first integrity metric to allow determination as to whether the computer apparatus is operating in a trusted manner; a processor arranged to allow execution of a first trust routine and associated first operating environment, and a means for restricting access to resources available to the trust routine.
Patent

Multiple trusted computing environments

TL;DR: In this article, the authors describe a secure and trusted computing environment where each computing environment is isolated and secure, and can be verified as trustworthy independent of any other computing environment, by forming integrity metrics which can be interrogated by a user.
Patent

Method and apparatus for trusted processing

TL;DR: In this paper, the authors define a trusted computing base for a cryptographic unit element in an International Cryptography Framework (ICF), where use of the trusted element is based upon the principles of separation and locality, i.e., where the trusted base is associated with a trusted computation base that is separated from the operating system and/or data by a trust boundary.
References
Proceedings Article

Security controls in the ADEPT-50 time-sharing system

TL;DR: The system described in this paper has not been approved by the Department of Defense for processing classified information and does not represent DOD policy regarding industrial application of time- or resource-sharing of EDP equipment.
Proceedings Article

Exploiting the Dual Nature of Sensitivity Labels

TL;DR: Supporting both MACLS and sensitivity labels for objects makes the system easier to use, helps prevent overclassification of data?
Proceedings Article

The Design of an Effective Auditing Subsystem

TL;DR: This document describes the design and implementation of the CMW's auditing subsystem, a prototype implementation of enhanced computer security features on a workstation that was developed in conjunction with other parts of the total CMW project.
Proceedings Article

Compartmented Model Workstation: Results Through Prototyping

TL;DR: This paper describes compartmented mode operation, how the prototype satisfied each requirement, and the level of effort involved in the prototype implementation.