Development a High Assurance Multilevel Mail Server.
NAVAL POSTGRADUATE SCHOOL MONTEREY CA
Pagination or Media Count:
Electronic mail email often contains sensitive information, which requires special handling to prevent accidental disclosure to unauthorized personnel. Using multiple systems operating at different classifications has caused a number of inefficiencies in the way email is managed and distributed. Attachments in emails have increased the likelihood that a Trojan Horse could be inserted in the system to obtain unauthorized access to information. To address this problem Commercial Off-The-Shelf COTS software for Internet Message Access Protocol IMAP, a mail server protocol, has been adapted to a high assurance multilevel base, the Wang Federal XTS-300. The XTS-300 constrains information flow permitting information at different sensitivity levels to be stored securely. Controlled access to mail is provided to client workstations. Enhanced with a trusted computing base extension, these COTS IBM PC compatibles run a standard office productivity suite. This architecture eliminates the risk that a Trojan horse will pass higher sensitivity information to a lower sensitivity level.