Diamond High Assurance Security Program: Trusted Computing Exemplar
NAVAL POSTGRADUATE SCHOOL MONTEREY CA DEPT OF COMPUTER SCIENCE
Pagination or Media Count:
Over the past decade, the U.S. Government has not been significantly involved in high assurance Trusted Computing acquisitions and research. During this time, the Governments focus on commercial off the shelf procurements helped to fuel explosive advances in commercial technology, but it also contributed to the lack of progress in the ability of commercial systems to appropriately protect themselves and the data with which they are entrusted. While industry has been driven to supply the latest technology at the fastest pace, it has not been motivated, either internally or externally via customer demand, to produce highly trustworthy computing systems. As a result, the National Information Infrastructure is weak there are no high security, high assurance, off-the-shelf products available that can be used to strengthen it and the National capability to design and construct such trusted computer systems and networks has atrophied. To address this downward spiral, the Center for INFOSEC Studies and Research CISR in Monterey, California, proposes a Trusted Computing Exemplar project that will provide an openly distributed worked example of how high assurance trusted computing components can be built. Completion of this project will be performed as part of CISRs Diamond High Assurance Security Program Diamond HASP. The authors propose four related activities 1 creation of a prototype framework for rapid high assurance system development, 2 development of a reference-implementation trusted computing component, 3 evaluation of the component for high assurance, and 4 open dissemination of deliverables related to the first three activities. The projects open development methodology will provide widespread availability of key high assurance enabling technologies and ensure transfer of knowledge and capabilities for trusted computing to the next generation of developers, evaluators, and educators. 1 figure, 9 refs.
- Computer Systems
- Computer Systems Management and Standards