Improving Inter-Enclave Information Flow for a Secure Strike Planning Application
Authors
Abstract
DoD operates many system high enclaves with limited information flow between enclaves at different security levels. Too often, the result is duplication of operations and inconsistent and untimely data at different sites, which reduces the effectiveness of DoD decision support systems. This paper describes our solution to this problem as it arises in installations of the Joint Maritime Command Information System (JMCIS), an integrated C4I system. Our approach views databases in more classified enclaves as potential replica sites for data from less classified enclaves. Replicated data flows from lower enclaves to higher ones via one-way connections, yielding a high assurance MLS (multi-level secure) distributed system. The one-way connections are the only trusted components. This approach is based on our work on SINTRA (Secure Information Through Replicated Architecture), and applies generally to any collection of systems each running a database at system high. It complements and exploits modern system design methods, which separate data management from data processing, and enables effective, low-cost MLS operation within that paradigm. In addition to describing current JMCIS installations and our architectural approach, the paper presents our approach for justifying a system's security and our use of formal methods to increase assurance that security requirements are met.
Similar references
Improving Inter-Enclave Information Flow for a Secure Strike Planning
DoD operates many system high enclaves with limited information flow between enclaves at different security levels. Too often, the result is duplication of operations and inconsistent and untimely data at different sites, which reduces the effectiveness of DoD decision support systems. This paper describes our solution to this problem as it arises in installations of the Joint Maritime Command Info...
Specifying and enforcing a multi-policy paradigm for high assurance multi-enclave systems
One fundamental key to successful implementation of secure high assurance computer systems is the design and implementation of security policies. For systems enforcing multiple concurrent policies, the design and implementation is a challenging and difficult task. To simplify this task, we present an Inter-Enclave Multi-Policy (IEMP) paradigm for information access of the Multiple Independent L...
Policy-Based Security for Wireless Components in High Assurance Computer Systems
To enable the growth of wireless networks in high assurance computer systems, it is essential to establish a security engineering methodology that provides system security managers with a procedural engineering process to develop computer security policies. Our research demonstrates how wireless communication technology is deployed using the Multiple Independent Levels of Security (MILS) archit...
Enclave: Promoting Unobtrusive and Secure Mobile Communications with a Ubiquitous Electronic World
Thanks to smartphones’ mass popularity in our society, our world is surrounded by ubiquitous electronic signals. These signals originate from static objects such as buildings and stores and mobile objects such as people or vehicles. Yet it is difficult to readily access electronic information. Current wireless communications focus on reliable transmission from sources to destinations, which ent...
Inferring Fine-grained Control Flow Inside SGX Enclaves with Branch Shadowing
Intel has introduced a hardware-based trusted execution environment, Intel Software Guard Extensions (SGX), that provides a secure, isolated execution environment, or enclave, for a user program without trusting any underlying software (e.g., an operating system) or firmware. Researchers have demonstrated that SGX is vulnerable to a page-fault-based attack. However, the attack only reveals page...