Title :
A microprocessor design for multilevel security
Author :
Clifton, Daniel B. ; Fernandez, Eduardo B.
Author_Institution :
Harris Semicond., Melbourne, FL, USA
Abstract :
A protection architecture, specifically designed to meet the requirements for secure hardware is described. This architecture, which is called the KEVEC-32 (Kernelized Verifiable CISC processor), enforces a multilevel, categorized model of security. Intended for multilevel applications, the microprocessor uses several unique features to provide a high degree of security. The most significant of these is a separation of processor privilege states and data classification. The processor also provides enhanced access control through a domain-based virtual addressing system. An extended 56-bit virtual address provides accountability by assigning each user with a specific address space. Finally, security validation is facilitated by organizing all security-related portions of hardware into a secure kernel
Keywords :
computer architecture; microprocessor chips; security of data; KEVEC-32; Kernelized Verifiable CISC processor; data classification; domain-based virtual addressing system; enhanced access control; microprocessor design; multilevel applications; multilevel security; processor privilege states; protection architecture; secure hardware; secure kernel; security validation; security-related portions; specific address space; Access control; Algorithms; Data security; Hardware; Information security; Microprocessors; Multilevel systems; Operating systems; Organizing; Protection;
Conference_Titel :
Aerospace Computer Security Applications Conference, 1988., Fourth
Conference_Location :
Orlando, FL
Print_ISBN :
0-8186-0895-1
DOI :
10.1109/ACSAC.1988.113440
