Private desktops and shared store

Author

Pomeroy, Bryony ; Wiseman, Simon

Author_Institution

DERA, Malvern, UK

fYear

1998

fDate

7-11 Dec 1998

Firstpage

190

Lastpage

200

Abstract

Modern interconnected computer systems handling classified information can be built using mainstream COTS software platforms. The technique provides each user with a private desktop in which to work, along with services for sharing data. Within a desktop, the user is helped to label their data. When data is shared, labelling prevents accidental compromise, but other measures defend against other forms of compromise. Purple Penelope is a prototype that extends Windows NT security to support this approach. It adds discretionary labelling, easy-to-use role-based access controls and effective accounting and auditing measures to shared files

Keywords

auditing; authorisation; client-server systems; data description; inter-computer links; interconnected systems; network operating systems; software packages; system monitoring; Purple Penelope; Windows NT security; accidental compromise; accounting measures; auditing measures; classified information; commercial off-the-shelf software platforms; data labelling; data sharing services; discretionary labelling; interconnected computer systems; private desktops; role-based access controls; shared files; shared store; Access control; Computer architecture; Control systems; Data security; Government; Information security; Job production systems; Labeling; Lighting control; Prototypes;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer Security Applications Conference, 1998. Proceedings. 14th Annual

Conference_Location

Phoenix, AZ

ISSN

1063-9527

Print_ISBN

0-8186-8789-4

Type

conf

DOI

10.1109/CSAC.1998.738618

Filename

738618