There is a growing need for high-assurance architectures that support mandatory confidentiality and integrity policies. One such architecture currently under development is the Monterey Security Architecture (MYSEA), a distributed multilevel secure (MLS) computing environment that integrates untrusted commercial off-the-shelf components with specialized high-assurance elements. To ensure that information is purged from untrusted client PCs between sessions at different security levels, MYSEA clients are diskless. Therefore, it is desirable for thin MYSEA clients to be able to remotely execute server-resident applications, which may in turn request access to data residing elsewhere on the MLS Local Area Network (LAN). This functionality must be implemented in such a way that the access control policies of the multilevel environment are maintained. Working from a detailed design for remote application support, this thesis involved the implementation and testing of the remote application support functionality. Beyond the implementation of remote application support itself, this thesis involved the porting of a Trivial File Transfer Protocol (TFTP) client and the development of a simple web client as proof-of-concept remote applications, as well as the creation of a Common Gateway Interface (CGI) mechanism for invoking those remote applications from a client web browser. This research is relevant to the DoD Global Information Grid's vision of assured information sharing.
展开▼
