Accession Number:

ADA361947

Title:

Development a High Assurance Multilevel Mail Server.

Descriptive Note:

Master's thesis,

Corporate Author:

NAVAL POSTGRADUATE SCHOOL MONTEREY CA

Personal Author(s):

• Eads, Bradley R.

Report Date:

1999-03-01

Pagination or Media Count:

126.0

Abstract:

Electronic mail email often contains sensitive information, which requires special handling to prevent accidental disclosure to unauthorized personnel. Using multiple systems operating at different classifications has caused a number of inefficiencies in the way email is managed and distributed. Attachments in emails have increased the likelihood that a Trojan Horse could be inserted in the system to obtain unauthorized access to information. To address this problem Commercial Off-The-Shelf COTS software for Internet Message Access Protocol IMAP, a mail server protocol, has been adapted to a high assurance multilevel base, the Wang Federal XTS-300. The XTS-300 constrains information flow permitting information at different sensitivity levels to be stored securely. Controlled access to mail is provided to client workstations. Enhanced with a trusted computing base extension, these COTS IBM PC compatibles run a standard office productivity suite. This architecture eliminates the risk that a Trojan horse will pass higher sensitivity information to a lower sensitivity level.

Descriptors:

• *SECURITY
• *OFF THE SHELF EQUIPMENT
• *HANDLING
• *ELECTRONIC MAIL
• COMPUTER PROGRAMS
• CONTROL
• RISK
• INFORMATION EXCHANGE
• NETWORKS
• THESES
• SENSITIVITY
• LEVEL(QUANTITY)
• COMMERCIAL EQUIPMENT
• WORK STATIONS
• ACCESS
• PRODUCTIVITY
• MESSAGE PROCESSING

Subject Categories:

• Telemetry

Distribution Statement:

APPROVED FOR PUBLIC RELEASE