
Partitioning Communication System

From Wikipedia, the free encyclopedia
This is an old revision of this page, as edited by Chaser (talk | contribs) at 16:49, 12 May 2007 (speedy deletion declined (this is not spam)). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

The Partitioning Communication System (PCS) is a high-assurance computer security architecture based on an information flow separation policy. The PCS extends the four foundational security policies of a MILS (Multiple Independent Levels of Security) separation kernel to the network:

  • End-to-end Information Flow
  • End-to-end Data Isolation
  • End-to-end Periods Processing
  • End-to-end Damage Limitation

The PCS leverages the separation kernel to enable application layer entities to enforce, manage, and control application layer security policies in such a manner that the application layer security policies are:

  • Non-bypassable,
  • Evaluatable,
  • Always-invoked, and
  • Tamper-proof.

The result is a communications architecture that allows the separation kernel and the PCS to share responsibility for security with the application.

The PCS was invented by OIS. OIS collaborated extensively on the requirements for the PCS with:

The following companies are producing MILS separation kernels:

References

  • Vanfleet, W. Mark; Luke, Jahn A.; Beckwith, R. William; Taylor, Carol; Calloni, Ben; Unchenick, Gordon (2005-08). "MILS - Architecture for High-Assurance Embedded Computing". Crosstalk (Aug 2005).
  • Presentation at OMG Software Based Communications Workshop
  • Beckwith, R. William. "MILS Partitioning Communication System". Objective Interface Systems, Inc.