Framework for a High-Assurance Security Extension to Commercial Network Clients

摘要

The Department of Defense and U.S. Government have an identified need to securely share information classified at differing security levels. Because there exist no commercial solutions to this problem, NPS is developing a Multilevel Secure Local Area Network (MLS LAN). The MLS LAN extends the high assurance capabilities of an evaluated multilevel secure system to commercial personal computers (PCs) running commercial operating systems and office productivity software by using a Trusted Computing Base Extension (TCBE). The TCBE is intended to provide trusted path and object reuse supporting services to the network TCB. This thesis describes the physical interfaces required for the TCBE to complete a trusted path and control the client PC. Potential implementations for each interface are suggested and analyzed for security implications. Also presented is a detailed analysis of methods for delivering the Windows NT operating system (including the suitability of Terminal Server Edition) to the client PC in the MLS LAN with high assurance of properly controlled object reuse and operating system integrity.