Partitioning Communication System

Partitioning Communication System is a computer and communications security architecture based on an information flow separation policy. The PCS extends the four foundational security policies of a MILS (Multiple Independent Levels of Security) software architecture to the network:

  • End-to-end Information Flow
  • End-to-end Data Isolation
  • End-to-end Periods Processing
  • End-to-end Damage Limitation

The PCS leverages software separation to enable application layer entities to enforce, manage, and control application layer security policies in such a manner that the application layer security policies are:

  • Non-bypassable
  • Evaluatable
  • Always-invoked
  • Tamper-proof

The result is a communications architecture that allows a software separation kernel and the PCS to share responsibility of security with the application.

The PCS was invented by OIS. OIS collaborated extensively on the requirements for the PCS with:

References

  • Vanfleet, W. Mark; Luke, Jahn A.; Beckwith, R. William; Taylor, Carol; Calloni, Ben; Unchenick, Gordon (August 2005). "MILS - Architecture for High-Assurance Embedded Computing". Crosstalk (Aug 2005). Archived from the original on 2007-03-19.
  • Presentation at OMG Software Based Communications Workshop
  • Beckwith, R. William. "MILS Partitioning Communication System". Objective Interface Systems, Inc. Archived from the original on 2007-09-28.
This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.