
Disseminate Via Open Methodology Provide Previously Unavailable Level of How-To for High Assurance

Trusted Computing Exemplar (TCX). Trusted Development; separation microkernel with controlled information flow; based on formal model; simple verifiable implementation; static memory, processes and schedule; prevents unauthorized information flow between processes.


Presentation Transcript


  1. Trusted Computing Exemplar (TCX)

     Trusted Development
     • Separation microkernel with controlled information flow
     • Based on formal model
     • Simple verifiable implementation
     • Static memory, processes and schedule
     • Prevents unauthorized information flow between processes
     • Identified and bounded covert channels
     • Example of Hardware / Software analysis for secure systems
     • Extensible
     • Trusted Path Extension
     • Enables thin clients to connect to multiple levels of security domains
     • Allows use of untrusted application code in a trusted context
     • Solves real-world problem on board naval vessels
     • Example of trusted application development on a trusted foundation

     Disseminate Via Open Methodology
     • Provide Previously Unavailable Level of How-To for High Assurance
     • Document High Assurance Development Framework, Techniques and Social Model
     • Distribute in Open Web-based Format
     • Source code
     • High Assurance Development Framework
     • Plans, etc.
     • Evaluation Evidence and Reports

     Evaluate for High Assurance
     • Develop EAL-7 Microkernel Protection Profile
     • Subset of TCSEC A1 Requirements
     • Common Criteria Models and Guidelines
     • Third Party Evaluation
     • Basis for subsequent layer 1 and layer 2 evaluations

     [Diagram labels: Trusted Path Extension; Untrusted thin client; Single or Multi-Level Application Servers]
