Diamond HASP Trusted Computing Exemplar

The National Information Infrastructure is weak; there are no high security, high assurance, off-the-shelf products available that can be used to strengthen it; and the National capability to design and construct such trusted computer systems and networks has atrophied. The purpose of the Trusted Co...

Full description

Saved in:
Bibliographic Details
Main Authors: Irvine, Cynthia E, Levin, TImothy E, Dinolt, George W
Format: Report
Language:English
Subjects:
CODING
COMPUTER SECURITY
Computer Systems Management and Standards
DATA PROCESSING SECURITY
HIGH ASSURANCE
INFORMATION SECURITY
INFRASTRUCTURE
Logistics, Military Facilities and Supplies
METHODOLOGY
MICRO-KERNEL
OFF THE SHELF EQUIPMENT
OPEN SOURCE
OPERATION
PORTABLE EQUIPMENT
PROTOTYPES
SECURITY
SOURCES
SUBVERSION
TRUSTED COMPUTING
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:The National Information Infrastructure is weak; there are no high security, high assurance, off-the-shelf products available that can be used to strengthen it; and the National capability to design and construct such trusted computer systems and networks has atrophied. The purpose of the Trusted Computing Exemplar project is to provide a worked example to show how trusted computing systems and components can be constructed. A prototype high assurance development framework will be created first, and then used to produce a reference implementation trusted computing component the Embedded MicroKernel Prototype. A third-party evaluation of the component will be initiated during development (e.g., once the high-level design documentation is written). The documentation, source code, development framework and other deliverables will be made openly available as they are produced. We will develop a high assurance, embedded micro-kernel and a trusted application built on top of the micro-kernel as a reference implementation exemplar for trusted computing. Because the product as well as the process will be showpieces for trusted computing development, high assurance methodologies and techniques will be applied during the entire lifecycle. The goal is to produce a very small, portable component that will provide users with correct security operation and an a priori assurance against system subversion.