Title :
On models for a trusted application system
Author :
Payne, C.N. ; Froscher, J.N. ; McDermott, J.P.
Author_Institution :
Center for Secure Inf. Technol., Naval Res. Lab., Washington, DC, USA
Abstract :
A trusted application system must support the processing needs of a specific operating environment. Its security policy includes many constraints that are specific to the application, so the trusted application system can be more difficult to develop and evaluate than a trusted product. One approach for reducing the development and evaluation effort for a trusted application system is to build the system on an evaluated product. Among other advantages, this approach may relieve the developer from demonstrating that the application's trusted computing base enforces those application policies that are enforced by the evaluated product. The authors discuss their thoughts on modeling a trusted application system based on an evaluated product. They identify some lessons learned from experience in evaluating a trusted application system formal model and provide a set of guidelines for writing a formal model for a trusted application system based on an evaluated product.
Keywords :
programming; safety; security of data; TCB; application policies; evaluated product; formal model; processing needs; security policy; specific operating environment; trusted application system; trusted computing base; Application software; Command and control systems; Computer applications; Guidelines; Information security; Information systems; Information technology; Monitoring; Writing;
Conference_Title :
Computer Security Applications Conference, 1990., Proceedings of the Sixth Annual
Conference_Location :
Tucson, AZ
Print_ISBN :
0-8186-2105-2
DOI :
10.1109/CSAC.1990.143752