Multics security evaluation: vulnerability analysis

Author

Karger, Paul A. ; Schell, Roger R.

Author_Institution

HQ Electron. Syst. Div., Hanscom AFB, MA, USA

fYear

2002

fDate

2002

Firstpage

127

Lastpage

146

Abstract

A security evaluation of Multics for potential use as a two-level (Secret/Top Secret) system in the Air Force Data Services Center (AFDSC) is presented. An overview is provided of the present implementation of the Multics Security controls. The report then details the results of a penetration exercise of Multics on the HIS 645 computer. In addition, preliminary results of a penetration exercise of Multics on the new HIS 6180 computer are presented. The report concludes that Multics as implemented today is not certifiably secure and cannot be used in an open use multi-level system. However, the Multics security design principles are significantly better than other contemporary systems. Thus, Multics as implemented today, can be used in a benign Secret/Top Secret environment. In addition, Multics forms a base from which a certifiably secure open use multi-level system can be developed.

Keywords

military computing; operating systems (computers); security of data; Air Force Data Services Center; HIS 6180 computer; HIS 645 computer; Multics security evaluation; military systems; open use multi-level system; two-level system; vulnerability analysis; Application software; Computer security; Control systems; Data security; Electrostatic discharge; Hardware; Information security; Military computing; Operating systems; Time sharing computer systems;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer Security Applications Conference, 2002. Proceedings. 18th Annual

ISSN

1063-9527

Print_ISBN

0-7695-1828-1

Type

conf

DOI

10.1109/CSAC.2002.1176286

Filename

1176286