KFIH~IN SCIENCES-SYR ID:315-472-7241 OCT 11'93 12:14 No.002 P.02


Form SF298 Citation Data

Report Date ("DD MON YYYY") 11101993

Report Type N/A

Dates Covered (from... to) ("DD MON YYYY")

Title and Subtitle Rome Laboratory Computer Security

Contract or Grant Number

Program Element Number

Authors

Project Number

Task Number

Work Unit Number

Performing Organization Name(s) and Address(es) Rome Laboratory

Performing Organization Number(s)

Sponsoring/Monitoring Agency Name(s) and Address(es)

Monitoring Agency Acronym

Monitoring Agency Report Number(s)

Distribution/Availability Statement Approved for public release, distribution unlimited

Supplementary Notes

Abstract

Subject Terms "IATAC COLLECTION"

Document Classification unclassified

Classification of SF298 unclassified

Classification of Abstract unclassified

Limitation of Abstract unlimited

Number of Pages 21

REPORT DOCUMENTATION PAGE

Form Approved OMB No. 074-0188

Public reporting burden for this collection of information is estimated to average 1 hour per response, including the time for reviewing instructions, searching existing data sources, gathering and maintaining the data needed, and completing and reviewing this collection of information. Send comments regarding this burden estimate or any other aspect of this collection of information, including suggestions for reducing this burden to Washington Headquarters Services, Directorate for Information Operations and Reports, 1215 Jefferson Davis Highway, Suite 1204, Arlington, VA 22202-4302, and to the Office of Management and Budget, Paperwork Reduction Project (0704-0188), Washington, DC 20503

1. AGENCY USE ONLY (Leave blank)

2. REPORT DATE

10/1/95

3. REPORT TYPE AND DATES COVERED

Briefing

4. TITLE AND SUBTITLE

Rome Laboratory Computer Security

5. FUNDING NUMBERS

6. AUTHOR(S)

Joseph Giordano

7. PERFORMING ORGANIZATION NAME(S) AND ADDRESS(ES)

IATAC
Information Assurance Technology Analysis Center
3190 Fairview Park Drive
Falls Church VA 22042

8. PERFORMING ORGANIZATION REPORT NUMBER

9. SPONSORING / MONITORING AGENCY NAME(S) AND ADDRESS(ES)

Defense Technical Information Center
DTIC-IA
8725 John J. Kingman Rd, Suite 944
Ft. Belvoir, VA 22060

10. SPONSORING / MONITORING AGENCY REPORT NUMBER

11. SUPPLEMENTARY NOTES

12a. DISTRIBUTION / AVAILABILITY STATEMENT

A

12b. DISTRIBUTION CODE

13. ABSTRACT (Maximum 200 Words)

The objective of this presentation is to develop & demonstrate the tools & technology necessary to realize trusted C3I systems in Air Force & DoD applications, and to emphasize use of formal verification to assure security/trust mechanism satisfies formal security/trust policy model.

14. SUBJECT TERMS

IA

15. NUMBER OF PAGES

16. PRICE CODE

17. SECURITY CLASSIFICATION OF REPORT

Unclassified

18. SECURITY CLASSIFICATION OF THIS PAGE

UNCLASSIFIED

19. SECURITY CLASSIFICATION OF ABSTRACT

UNCLASSIFIED

20. LIMITATION OF ABSTRACT

None

COMPUTER SECURITY

OBJECTIVE: TO DEVELOP & DEMONSTRATE THE TOOLS & TECHNOLOGY NECESSARY TO REALIZE TRUSTED C3I SYSTEMS IN AIR FORCE & DOD APPLICATIONS

APPROACH: EMPHASIZE USE OF FORMAL VERIFICATION TO ASSURE SECURITY/TRUST MECHANISM SATISFIES FORMAL SECURITY/TRUST POLICY MODEL


COMPUTER SECURITY AREAS OF INTEREST

• SECURITY PROPERTIES MODELING

• SECURE DISTRIBUTED SYSTEMS

• MULTILEVEL SECURE DBMS

• FORMAL VERIFICATION

• CERTIFICATION TECHNOLOGY


ROMULUS EXTENSIONS

• REQUIREMENTS TOOL INTEGRATION

• ROMULUS/PENELOPE INTEGRATION

• ENHANCED MODELING SUPPORT


MLS DISTRIBUTED OPERATING SYSTEM

THETA PROGRAM-HISTORY

• ROME LAB SUPPORT FROM 1985

• CONCEPT EXPLORATION PHASE (“PHASE I”):
  - BBN/ORA, 1985-87
  - STUDY DISTRIBUTED SECURITY; FORMULATE POLICY
  - DESIGN A SECURE DISTRIBUTED OS
  - CARRY OUT A1-LEVEL VERIFICATION FOR ASSURANCE

• DEMONSTRATION/VALIDATION PHASE (“PHASE II”):
  - ORA/BBN, 1988-92
  - DETAILED DESIGN & POLICY BASED ON PHASE I WORK
  - IMPLEMENT PROTOTYPE
  - B3-LEVEL DESIGN & ASSURANCE


NEXT-GENERATION DBMS
INTELLIGENT DATABASES
DATA + RULES + KNOWLEDGE
OBJECT-ORIENTED PROGRAMMING
SECURITY POLICY & FORMAL MODEL

MLS

TAXONOMY OF ARCHITECTURES
DECISION ATTRIBUTES (QUALITATIVE)
ALLOW PRIORITY OF DESIGN FACTORS
ARCHITECTURE CHOICES, TRADE-OFFS

TARGETED TO A1
TWO SECURITY POLICIES ADDRESS:

MANDATORY/DISCRETIONARY
INTEGRITY
RULE-BASED CLASSIFICATION CONSTRAINTS
POLYINSTANTIATION

FORMAL MODELS, FTLS, & DEMONSTRATION
SCTC LOCK & GEMINI GEMSOS

ED HOMOGENEOUS
DISTRIBUTED HETEROGENEOUS
FEDERATED

EXPERT SYSTEMS
MATHEMATICAL MODELS
INTEGRATION OF AUDIT & INTRUSION DETECTION

TRUSTED DATABASE FRONT-END

OBJECTIVE:

• DEVELOP & DEMONSTRATE TRUSTED DBMS FRONT-END CAPABILITIES TO SUPPORT

- MULTILEVEL WORKSTATION INTERFACE
- MULTILEVEL OUTPUT TECHNOLOGY
- PRESENTATION TECHNOLOGY
- WINDOWING
- TRUSTED DATA LABELS

PROGRAM REQUIREMENTS:

• BUILD TO AT LEAST CLASS B2
• TRUSTED SUBJECT APPROACH
• CLIENT-SERVER ARCHITECTURE

SUN 3/60 WORKSTATION WITH TEMPLATE BASED SCREEN EDITOR

SPECIFICATION LANGUAGE BASED ON LARCH

PHASE I (FY89): PASCAL-LIKE FEATURES WITH EXCEPTIONS
PHASE II (FY92): REUSABLE LIBRARIES
PHASE III (FY95): CONCURRENCY

EMPHASIS TO DATE:
TRUSTED COMPILER81% PROCESSOR VERIFICATION

APPLICATION:
TRUSTED ADA COMPILER
SDI CHIP VERIFICATION (RH32)

ESTABLISH THEORETICAL FOUNDATIONS
IMPLEMENT PROTOTYPE ENVIRON. TO ESTABLISH FEASIBILITY (BASED ON C)
DEMONSTRATE VIA SDI WEAPONS ASSIGNMENT ALGORITHM
INCORPORATE INTO ADA VERIFICATION ENVIRONMENT

EVALUATE EXISTING METHODOLOGIES
DEVELOP MIDTERM REQUIREMENTS
RESEARCH LONG TERM VERIFICATION ISSUES

CERTIFICATION TECHNOLOGY

OBJECTIVE:

DEVELOP A METHODOLOGY & PROVIDE A SET OF TOOLS & TECHNIQUES TO SUPPORT THE SECURE SYSTEM ACCREDITATION/EVALUATION PROCESS & TO AID THE DETERMINATION OF THE DEGREE OF SECURITY PROVIDED BY AUTOMATED INFORMATION SYSTEMS

APPROACH:

• DEFINITIZE EXISTING CERTIFICATION PROCESS
• TAILOR PROCESS TO AIR FORCE NEEDS
• IDENTIFY AREAS AMENABLE TO AUTOMATION
• SURVEY EXISTING TOOLS/TECHNIQUES TO DETERMINE APPLICABILITY TO AIR FORCE SECURITY CERTIFICATION PROCESS
• DEVELOP A METHODOLOGY & NEW TOOLS & TECHNIQUES TO SUPPORT SYSTEM CERTIFICATION & LIFE CYCLE MANAGEMENT
