Compartmented Model Workstation: Results Through Prototyping

1987 IEEE Symposium on Security and Privacy Pub Date : 1987-04-27 DOI:10.1109/SP.1987.10010

P. T. Cummings, D. A. Fullam, M. Goldstein, M. Gosselin, J. Picciotto, J. P. Woodward, J. Wynn

{"title":"Compartmented Model Workstation: Results Through Prototyping","authors":"P. T. Cummings, D. A. Fullam, M. Goldstein, M. Gosselin, J. Picciotto, J. P. Woodward, J. Wynn","doi":"10.1109/SP.1987.10010","DOIUrl":null,"url":null,"abstract":"The Defense Intelligence Agency (DIA) recognized that commercially available workstations could significantly enhance the capabilities of today's Intelligence Data Handling Systems (IDHS) if they could be integrated with the IDHS systems in a secure manner. The Compartmented Mode Workstation (CMW) project was started at the request of the DIA to further the state-of-the-art of computer security in general and workstation security in particular. The prototype effort had two major purposes. The first purpose was to demonstrate that operationally useful implementations of each requirement could be designed and developed. The second, more general, purpose was to gain insight into what measures could be taken to augment commercially available workstations with meaningful security. Therefore, as the Security Requirements for System High and Compartmented Mode Workstations [CMWREQS] were stated, a development team attempted to implement thereon the CMW prototype. Viable approaches were found for all requirements thereby verifying the premise that a workstation and its associated operating system could be modified such that off-the-shelf software (distributed in binary form) could execute with adequate security .This paper describes compartmented mode operation, how the prototype satisfied each requirement, and the level of effort involved in the prototype implementation.","PeriodicalId":123213,"journal":{"name":"1987 IEEE Symposium on Security and Privacy","volume":"13 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1987-04-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"24","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"1987 IEEE Symposium on Security and Privacy","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SP.1987.10010","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 24

Abstract

The Defense Intelligence Agency (DIA) recognized that commercially available workstations could significantly enhance the capabilities of today's Intelligence Data Handling Systems (IDHS) if they could be integrated with the IDHS systems in a secure manner. The Compartmented Mode Workstation (CMW) project was started at the request of the DIA to further the state-of-the-art of computer security in general and workstation security in particular. The prototype effort had two major purposes. The first purpose was to demonstrate that operationally useful implementations of each requirement could be designed and developed. The second, more general, purpose was to gain insight into what measures could be taken to augment commercially available workstations with meaningful security. Therefore, as the Security Requirements for System High and Compartmented Mode Workstations [CMWREQS] were stated, a development team attempted to implement thereon the CMW prototype. Viable approaches were found for all requirements thereby verifying the premise that a workstation and its associated operating system could be modified such that off-the-shelf software (distributed in binary form) could execute with adequate security .This paper describes compartmented mode operation, how the prototype satisfied each requirement, and the level of effort involved in the prototype implementation.

查看原文本刊更多论文

分区模型工作站:通过原型设计的结果

国防情报局(DIA)认识到，如果商用工作站能够以安全的方式与情报数据处理系统(IDHS)系统集成，则可以显著增强当今情报数据处理系统(IDHS)的能力。分隔模式工作站(CMW)项目是应DIA的要求展开的，目的是进一步提高计算机安全水平，特别是工作站的安全水平。原型工作有两个主要目的。第一个目的是证明可以设计和开发每个需求的操作上有用的实现。第二个更一般的目的是深入了解可以采取哪些措施来增强商业上可用的工作站，使其具有有意义的安全性。因此，正如系统高级和分隔模式工作站的安全需求[CMWREQS]所陈述的那样，一个开发团队试图在此基础上实现CMW原型。为所有需求找到了可行的方法，从而验证了工作站及其相关操作系统可以修改的前提，使现成的软件(以二进制形式分发)可以以足够的安全性执行。本文描述了分隔模式操作，原型如何满足每个需求，以及原型实现所涉及的努力程度。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

1987 IEEE Symposium on Security and Privacy

自引率

0.00%

发文量