Sherlock: Commercial High Assurance Network Computing Extended Abstract

  • Stephen P. Morgan
  • Stephen W. Neal
  • Melissa A. Hartman
  • Matthew R. Laue
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1975)


IBM Research and the U.S. Department of Defense teamed to determine if governmental high assurance practices could be applied to commercially available network computers. The focus of the project was on using the thin client computing architecture to connect to trusted information domains of different classification levels at different times. Importantly, the information from a given classified domain must not migrate from its domain. Achieving this goal requires state clearing, and encrypting and authenticating all transferred data between the thin client and the trusted domain.


Smart Card Local Domain Virtual Private Network Security Module Thin Client 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. [1]
    Kent S. and R. Atkinson, IETF RFC 2401, “Security Architecture for the Internet Protocol,”, November 1998.
  2. [2]
    Kent, S. and R. Atkinson, IETF RFC 2402, “IP Authentication Header,”, November 1998.
  3. [3]
    Madson, C. and R. Glenn, IETF RFC 2403, “The Use of HMAC-MD5-96 within ESP and AH,”, November 1998.Google Scholar
  4. [4]
    Madson, C. and R. Glenn, IETF RFC 2404, “The Use of HMAC-SHA-1-96 within ESP and AH,”, November 1998.
  5. [5]
    Madson, C. and N. Doraswamy, IETF RFC 2405, “The ESP DES-CBC Cipher Algorithm With Explicit IV,”, November 1998.
  6. [6]
    Kent S. and R. Atkinson, IETF RFC 2406, “IP Encapsulating Security Payload (ESP),”, November 1998.
  7. [7]
    Piper, D., IETF RFC 2407, “The Internet IP Security Domain of Interpretation for ISAKMP,”, November 1998.
  8. [8]
    Maughan, D., M. Schertler, M. Schneider, and J. Turner, IETF RFC 2408, “Internet Security Association and Key Management Protocol (ISAKMP),”, November 1998.
  9. [9]
    Harkins, D. and D. Carrel, IETF RFC 2409, “The Internet Key Exchange (IKE),”, November 1998.
  10. [10]
    Droms, R., IETF RFC 2131, “Dynamic Host Configurtion Protocol,”, March 1997.
  11. [11]
    Croft, B. and J. Gilmore, IETF RFC 951, “Bootstrap Protocol (BOOTP),”, September 1985.

Copyright information

© Springer-Verlag Berlin Heidelberg 2000

Authors and Affiliations

  • Stephen P. Morgan
    • 2
  • Stephen W. Neal
    • 1
  • Melissa A. Hartman
    • 1
  • Matthew R. Laue
    • 2
  1. 1.U.S. Department of DefenseSan Jose
  2. 2.IBM Almaden Research CenterSan Jose

Personalised recommendations