Multiple single-level

Abstract: : Department of Defense official communications often require special protections to prevent accidental disclosure to unauthorized personnel. A Multilevel High Assurance LAN provides a framework for secure electronic communications, and obviates the need for multiple single level networks. A high assurance trusted computing base (TCB), allows untrusted commercial off-the-shelf (COTS) software, such as an Internet Message Access Protocol (IMAP) server, to run untrusted while access to the file system is mediated by the TCB. Control of creation and deletion of hierarchical structured objects, such as those in the file system, is based on the ability to write to the directory containing the object. For a mail server, this directory structure corresponds to a mailbox hierarchy. The mailbox hierarchy must be designed to allow users to read, create, and send mail at multiple levels. The purpose of this research is to develop a trusted process that automatically creates the mailbox hierarchy for any system user. A Mail File Administration Tool for a Multilevel High Assurance LAN allows administrators to easily set up IMAP-compatible mailboxes for each user. The tool assists in the management of the file structure and enables account administration for multiple LAN users and group accounts at multiple security levels.

Abstract: : The Naval Postgraduate School Center for Information Systems Security Studies and Research (CISR) is designing and developing a distributed multilevel secure (MLS) network known as the Monterey Security Architecture (MYSEA). MYSEA will permit the delivery of unmodified commercial off the shelf productivity software applications and data from a large number of single-level network domains (e.g., NIPRNET, SIPRNET, JWICS) to a trusted distributed operating environment that enforces MLS policies. The analysis and development of a communications framework necessary to support connections between multiple MLS servers and a set of high assurance network appliances supporting simultaneous access to multiple single level networks and their concurrent connection management is required to fulfill the goal of MYSEA. To enable this functionality, modifications to the existing MYSEA server, the development of a new high assurance communications security device - the Trusted Channel Module (TCM), and the implementation of a trusted channel between the MYSEA server and the TCM is required. This document specifies a framework for incorporating the high level design of the TCM, several trusted daemons and databases, plus the incorporation of a trusted channel protocol into MYSEA to enable a distributed MLS environment.