Accession Number:

ADA234720

Title:

Final Evaluation Report of Infosafe Corporation, X-Lock 50. Version 2. 00

Descriptive Note:

Final rept.

Corporate Author:

NATIONAL COMPUTER SECURITY CENTER FORT GEORGE G MEADE MD

Report Date:

1988-09-12

Pagination or Media Count:

20.0

Abstract:

X-LOCK 50 Version 2.0, has been evaluated by the National Computer Security Center NCSC. X-LOCK 50 is considered to be a security subsystem rather than a complete trusted computer system. Therefore it was evaluated against a relevant subset of the requirements from the Department Of Defense trusted computer system evaluation criteria Criteria, dated December 1985. The features included in this evaluation were Identification and Authentication IA, a limited form of Discretionary Access Control DAC, and a limited form of Object Reuse OR. The NCSC evaluation team has determined the X-LOCK 50 when configured as tested, is capable of applying these security features on an IBM PCXT or PCAT. IA is maintained on the protected computer by requiring that users wanted a valid user identification, and password prior to gaining access to the system. The discretionary access control is implemented on a limited scale by allowing or denying an individual user access to the system or hard disk. Privileges assigned to users are determined by the superuser, the system security administrator when user accounts are being established. Object reuse, which is implemented at the users discretion, only writes over specified files and does not take into consideration other locations e.g., memory buffers which could contain residual data. Object reuse implemented in this manner does not meet the Department Of Defense trusted computer system evaluation criteria.

Subject Categories:

  • Computer Systems Management and Standards

Distribution Statement:

APPROVED FOR PUBLIC RELEASE