Title :
A multi-layered approach to security in high assurance systems
Author :
Alves-Foss, Jim ; Taylor, Carol ; Oman, Paul
Author_Institution :
Center for Secure & Dependable Syst., Idaho Univ., USA
Abstract :
Past efforts at designing and implementing ultra high assurance systems for government security and safety have centered on the concept of a monolithic security kernel responsible for a system-wide security policy. This approach leads to inflexible, overly complex operating systems that are too large to evaluate at the highest assurance levels (e.g., Common Criteria EAL 5 and above). We describe a new multi-layered approach to the design and verification of embedded trustworthy systems that is currently being used in the implementation of real time, embedded applications. The framework supports multiple levels of safety and multiple levels of security, based on the principle of creating separate layers of responsibility and control, with each layer responsible for enforcing its own security policy.
Keywords :
formal verification; government data processing; security of data; embedded applications; embedded trustworthy system design; embedded trustworthy system verification; government safety; government security; monolithic security kernel; multilayered approach; overly complex operating systems; real time applications; system-wide security policy; ultra high assurance systems; Aerospace electronics; Communication system security; Computer security; Decision making; Government; Kernel; Operating systems; Real time systems; Safety; US Department of Defense;
Conference_Titel :
System Sciences, 2004. Proceedings of the 37th Annual Hawaii International Conference on
Print_ISBN :
0-7695-2056-1
DOI :
10.1109/HICSS.2004.1265709
