Title :
Private desktops and shared store
Author :
Pomeroy, Bryony ; Wiseman, Simon
Author_Institution :
DERA, Malvern, UK
Abstract :
Modern interconnected computer systems handling classified information can be built using mainstream COTS software platforms. The technique provides each user with a private desktop in which to work, along with services for sharing data. Within a desktop, the user is helped to label their data. When data is shared, labelling prevents accidental compromise, but other measures defend against other forms of compromise. Purple Penelope is a prototype that extends Windows NT security to support this approach. It adds discretionary labelling, easy-to-use role-based access controls and effective accounting and auditing measures to shared files
Keywords :
auditing; authorisation; client-server systems; data description; inter-computer links; interconnected systems; network operating systems; software packages; system monitoring; Purple Penelope; Windows NT security; accidental compromise; accounting measures; auditing measures; classified information; commercial off-the-shelf software platforms; data labelling; data sharing services; discretionary labelling; interconnected computer systems; private desktops; role-based access controls; shared files; shared store; Access control; Computer architecture; Control systems; Data security; Government; Information security; Job production systems; Labeling; Lighting control; Prototypes;
Conference_Titel :
Computer Security Applications Conference, 1998. Proceedings. 14th Annual
Conference_Location :
Phoenix, AZ
Print_ISBN :
0-8186-8789-4
DOI :
10.1109/CSAC.1998.738618
