Title :
Towards a High Assurance Multi-level Secure PC for Intelligence Communities
Author :
Kleidermacher, David N.
Author_Institution :
Green Hills Software, Inc., Santa Barbara, CA
Abstract :
Intelligence communities have long struggled with the burden of maintaining separate computers and networks to manage information at varying sensitivity levels. Commercial grade operating systems and virtualization solutions such as Windows, Linux, and VMware are unsuitable for security assurance to the high levels required for this kind of information sharing on a single PC platform. Custom solutions have failed to gain acceptance as cost containment pressures favor commercial, off-the-shelf (COTS) platforms. In addition, common PC hardware has had serious security limitations that prevent even a high assurance software solution from achieving the required domain separation. The hope for a truly high assurance, multi-level secure PC is coming closer to reality by virtue of recent innovations, both in software and hardware. We propose an operating environment architecture that combines the utility of virtualization with the robustness of a high assurance realtime kernel that can host trusted applications.
Keywords :
computer networks; operating systems (computers); security of data; software packages; Linux; VMware; Windows; commercial grade operating systems; commercial off-the-shelf platforms; high assurance multi-level secure PC; intelligence communities; security assurance; virtualization solutions; Computer network management; Computer networks; Costs; Hardware; Information management; Information security; Intelligent networks; Linux; Operating systems; Platform virtualization;
Conference_Titel :
Technologies for Homeland Security, 2008 IEEE Conference on
Conference_Location :
Waltham, MA
Print_ISBN :
978-1-4244-1977-7
Electronic_ISBN :
978-1-4244-1978-4
DOI :
10.1109/THS.2008.4534523
