Sherlock: Commercial High Assurance Network Computing Extended Abstract
IBM Research and the U.S. Department of Defense teamed to determine if governmental high assurance practices could be applied to commercially available network computers. The focus of the project was on using the thin client computing architecture to connect to trusted information domains of different classification levels at different times. Importantly, the information from a given classified domain must not migrate from its domain. Achieving this goal requires state clearing, and encrypting and authenticating all transferred data between the thin client and the trusted domain.
KeywordsSmart Card Local Domain Virtual Private Network Security Module Thin Client
Unable to display preview. Download preview PDF.
- Kent S. and R. Atkinson, IETF RFC 2401, “Security Architecture for the Internet Protocol,” http://www.ietf.org/rfc/rfc2401.txt, November 1998.
- Kent, S. and R. Atkinson, IETF RFC 2402, “IP Authentication Header,” http://www.ietf.org/rfc/rfc2402.txt, November 1998.
- Madson, C. and R. Glenn, IETF RFC 2403, “The Use of HMAC-MD5-96 within ESP and AH,” http://www.ietf.org/rfc/rfc2403.txt, November 1998.Google Scholar
- Madson, C. and R. Glenn, IETF RFC 2404, “The Use of HMAC-SHA-1-96 within ESP and AH,” http://www.ietf.org/rfc/rfc2404.txt, November 1998.
- Madson, C. and N. Doraswamy, IETF RFC 2405, “The ESP DES-CBC Cipher Algorithm With Explicit IV,” http://www.ietf.org/rfc/rfc2405.txt, November 1998.
- Kent S. and R. Atkinson, IETF RFC 2406, “IP Encapsulating Security Payload (ESP),” http://www.ietf.org/rfc/rfc2406.txt, November 1998.
- Piper, D., IETF RFC 2407, “The Internet IP Security Domain of Interpretation for ISAKMP,” http://www.ietf.org/rfc/rfc2407.txt, November 1998.
- Maughan, D., M. Schertler, M. Schneider, and J. Turner, IETF RFC 2408, “Internet Security Association and Key Management Protocol (ISAKMP),” http://www.ietf.org/rfc/rfc2408.txt, November 1998.
- Harkins, D. and D. Carrel, IETF RFC 2409, “The Internet Key Exchange (IKE),” http://www.ietf.org/rfc/rfc2409.txt, November 1998.
- Droms, R., IETF RFC 2131, “Dynamic Host Configurtion Protocol,” http://www.ietf.org/rfc/rfc2131.txt, March 1997.
- Croft, B. and J. Gilmore, IETF RFC 951, “Bootstrap Protocol (BOOTP),” http://www.ietf.org/rfc/rfc0951.txt, September 1985.