Security pipeline interface (SPI)

Author

Hoffman, Lance J. ; Davis, Russell J.

Author_Institution

Dept. of Electr. Eng. & Comput. Sci., George Washington Univ., Washington, DC, USA

fYear

1990

fDate

3-7 Dec 1990

Firstpage

349

Lastpage

355

Abstract

Proposes a new approach, security pipeline interface, for adding security to existing systems. Security functions are added in series to existing I/O paths without modification to the host system internals. The result is an I/O pipeline of security functions which is adaptable to both trusted and untrusted environments. Security of the physically separated SPI architecture is easier to analyze then other security products. Additionally, SPI requires no modification to the operating system. However, SPI is limited to the host processor interfaces. The SPI approach is compared with and contrasted to other ongoing security pipeline research. Examples of applications are presented which illustrate how security functions are added in a pipeline. These include a rogue program controller and intrusion detection systems

Keywords

data handling; pipeline processing; security of data; SPI architecture; host processor interfaces; intrusion detection systems; operating system; rogue program controller; security pipeline interface; Application software; Computer science; Computer security; Computerized monitoring; Control systems; Data security; Delay; Intrusion detection; Operating systems; Pipelines;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer Security Applications Conference, 1990., Proceedings of the Sixth Annual

Conference_Location

Tucson, AZ

Print_ISBN

0-8186-2105-2

Type

conf

DOI

10.1109/CSAC.1990.143797

Filename

143797