Trusted system construction

Abstract

Any system constructed today is likely to be constructed from COTS components. Encapsulation of these components using software wrappers promises to enable trusted systems to be constructed. These systems are complex and it is difficult to impose security without compromising operational effectiveness. The key problem which this paper addresses is to analyse encapsulations of COTS components to demonstrate the system is both secure and usable. Any foundation must be able to deal with the conflicting requirements of operational effectiveness and security especially with respect to COTS components. The approach is illustrated using the X windowing system.