Using type enforcement to assure a configurable guard

Author

Greve, Paula ; Hoffman, John ; Smith, Richard E.

Author_Institution

Secure Comput. Corp., Roseville, MN, USA

fYear

1997

fDate

8-12 Dec 1997

Firstpage

146

Lastpage

154

Abstract

Prior to the introduction of guard systems for electronic mail, guards tended to be overly specialized and not versatile enough for today´s user community. The paper examines the use of type enforcement to create a highly assured yet administrator configurable guard. The administrator must be able to trust that the configuration provided will indeed be followed. This occurs by using highly assured or trusted components. These trusted components are then linked together via type enforcement to form a pipeline, with one input channel for data to enter the guard, and one separate, connected output channel for data to exit the guard. These channels are connected via assured processes whose behavior is restricted by the type enforcement mechanism. Furthermore, type enforcement is also used to isolate many components of the guard, which simplifies the assurance arguments. This technology is applied in the latest operational guards developed by the Secure Computing Corporation

Keywords

computer network management; electronic mail; message passing; network servers; administrator configurable guard; assurance arguments; assured processes; configurable guard; connected output channel; electronic mail; guard systems; input channel; operational guards; pipeline; trusted components; type enforcement; Computer architecture; Cryptography; Electronic mail; Filters; National security; Network servers; Protocols; Software standards; Telecommunication traffic; Testing;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer Security Applications Conference, 1997. Proceedings., 13th Annual

Conference_Location

San Diego, CA

ISSN

1063-9527

Print_ISBN

0-8186-8274-4

Type

conf

DOI

10.1109/CSAC.1997.646187

Filename

646187