Center for High Assurance Computing Systems (CHACS) Publications
Abstract: Publications from the Center for High Assurance
Systems (CHACS). This is mirrored from the Navy site:
chacs.itd.nrl.navy.mil.
Ronald Rivest, Butler Lampson,
A Simple Distributed Security Infrastructure
Abstract: A simple distributed security infrastructure
(SDSI) which combines a simple public-key infrastructure design
with a means of defining groups and issuing group-membership
certificates. SDSI's groups provide simple, clear terminology for
defining access-control lists and security policies. SDSI's
design emphasizes linked local name space rather than a
hierarchical global name space.
National Institute of Standards and Technology,
Proceedings of an Invitational Workshop on Information Technology
(IT) Assurance and Trustworthiness
Abstract: The purpose of the Invitational Workshop on
Information Technology (IT) Assurance and Trustworthiness was to
identify crucial issues on assurance in IT systems and to provide
input into the development of policy guidance on determining the
type and level of assurance appropriate in a given environment.
The readers of these proceedings include those who handle
sensitive information involving national security, privacy,
commercial value, integrity, and availability. Existing IT
security policy guidance is based on computer and communications
architectures of the early 1980s. Technological changes since
that time mandate a review and revision of policy guidance on
assurance and trustworthiness, especially since the changes
encompass such technologies as distributed systems, local area
networks, the worldwide Internet, policy-enforcing applications,
and public key cryptography.
National Computer Security Center,
Guide to Understanding Audit in Trusted Systems
Abstract: The guidelines described in this document
provide a set of good practices related to the use of auditing in
automatic data processing systems employed for processing
classified and other sensitive information.
National Computer Security Center,
A Guide To Understanding Configuration Management In Trusted
Systems
Abstract: The guidelines described in this document
provide a set of good practices related to configuration management
in Automated Data Processing (ADP) systems employed for
processing classified and other sensitive information.
National Computer Security Center,
A Guide To Understanding Discretionary Access Control In Trusted
Systems
Abstract: The guidelines defined in this document are
intended to be used by computer hardware and software designers
who are building systems with the intent of meeting the
requirements of the Department of Defense Trusted Computer System
Evaluation Criteria, DoD 5200.28-STD.
National Computer Security Center,
The Trusted Product Evaluation Questionnaire
Abstract: The Trusted Product Evaluation Questionnaire is
the latest in a series of technical documents that are being
published by the National Computer Security Center under the
Technical Guidelines Program. It is the goal of the Technical
Guidelines Program to assure that each process in the Trusted
Product Evaluation Program and the features of the Department of
Defense Trusted Computer Systems Evaluation Criteria will be
discussed in detail and provide the proper interpretations with
specific guidance.
National Computer Security Center,
Guidelines For Formal Verification Systems
Abstract: The guidelines defined in this document are
intended for vendors building formal specification and
verification systems that trusted system developers may use in
satisfying the requirements of the Department of Defense Trusted
Computer System Evaluation Criteria (TCSEC), DoD 5200.28-STD, and
the Trusted Network Interpretation of the TCSEC.
National Computer Security Center,
A Guide to Understanding Trusted Distribution in Trusted
Systems
Abstract: The specific guidelines in this document provide
a set of good practices related to trusted distribution of the
hardware, software, and firmware portions, both originals and
updates, of automated data processing systems employed for
processing classified and other sensitive information. This
technical guideline has been written to help the vendor and
evaluator community understand what trusted distribution is, why
it is important, and how an effective trusted distribution system
may be implemented to meet the requirements of the Trusted
Computer Systems Evaluation Criteria.
National Computer Security Center,
Guide To Understanding Trusted Facility Management
Abstract: "A Guide to Understanding Trusted Facility
Management" is the latest in the series of technical guidelines
that are being published by the National Computer Security
Center. This technical guideline has been written to help the
computer security manufacturers, system evaluators, accreditors,
as well as end users understand what procedures, methods, and
processes are required for trusted facility management at B2
through A1 classes of the TCSEC.
National Computer Security Center,
Trusted Network Interpretation
Abstract: This document will be used for a period of at
least one year after date of signature. During this period the
NCSC will gain experience using the Trusted Network
Interpretation in several network evaluations. In addition, the
NCSC will conduct a series of tutorials and workshops to educate
the community on the details of the Trusted Network
Interpretation and receive feedback. After this trial period,
necessary changes to the document will be made and a revised
version issued.
National Computer Security Center,
Trusted Product Security Evaluation Program
Abstract: This publication describes procedures for
interacting with the National Security Agency's Information
Security Organization as related to the Trusted Product
Evaluation Program within the National Computer Security Center.
It provides the information needed to submit a computer product
for technical security evaluation and outlines the National
Security Agency's responsibilities for positive, timely
acknowledgements. This publication specifically covers the
National Computer Security Center's relationship with vendors of
proposed trusted computer products from the initial contact with
the vendor through the completion of the security evaluation
process and follow-on programs. Although more detailed
instructions will be referenced in this publication, sufficient
guidelines are established for any first-time user of the
National Computer Security Center's services.
Brian Currah,
MVS: Mainframe Virtual Security
Keywords: trusted systems, vulnerabilities
Abstract: Enterprises using IBM's premier operating system
for System/390 mainframes may have a false sense of confidence
regarding the vulnerability of corporate assets. The protection
offered by widely used security products can be circumvented as a
result of loopholes in add-on products.
Built by Mark Crosbie and Ivan Krsul.