mils research montage mils research montage
play

MILS Research Montage MILS Research Montage LAW LAW - PowerPoint PPT Presentation

Nov 25, 2022 •502 likes •772 views

MILS Research Montage MILS Research Montage LAW LAW Work-In-Progress Session Work-In-Progress Session December 6, 2011 December 6, 2011 Rance DeLong Rance DeLong Consulting Researcher Consulting Researcher 1 MILS Efforts Overview

  1. MILS Research Montage MILS Research Montage LAW LAW Work-In-Progress Session Work-In-Progress Session December 6, 2011 December 6, 2011 Rance DeLong Rance DeLong Consulting Researcher Consulting Researcher 1

  2. MILS Efforts Overview Effort Categories * * Efforts/Results to date NSA TOG Future * Sponsored by AFRL / CMPO MILS Vision Constitution Patterns Assemblies Lecture AADL Found’nl Implementation Notes Comps Science Math Concepts Tools Ref Impls Opera’nl Manifesto Example Comps Dissemination LAW DASC TOG ICCC MIPP Guard Compos. CCAE SKPP Cert. API Standards Scheme Eval & Cert MNSPP DCI Evidence Assur. Case Inter-op MCSPP OIS Galois RTI RCI SIs / Programs Products Sysgo GHS WRS LW R. DeLong 2

  3. Research Enabling MILS Development Research Enabling MILS Development and Deployment (REMDaD REMDaD)* )* and Deployment ( l Objective: Objective: l Move to next stage of MILS deployment and development Move to next stage of MILS deployment and development l 4 Themes 4 Themes l – Components – – development and assurance of individual components development and assurance of individual components – Components – Integration – – integration of MILS components and systems integration of MILS components and systems – Integration – Deployment – – facilitate MILS deployment facilitate MILS deployment – Deployment – Certification – – enable MILS evaluation and certification enable MILS evaluation and certification – Certification l Initial tasks (2010) Initial tasks (2010) l – Evidence and toolchains toolchains for MILS certification study for MILS certification study – Evidence and – MILS Cross Domain Solution (CDS) operational component Study – MILS Cross Domain Solution (CDS) operational component Study – – MILS Delivery, Configuration, and Initialization (DCI) Study MILS Delivery, Configuration, and Initialization (DCI) Study * Performed at SRI, sponsored by AF Research Laboratory and AF Cryptographic Modernization Program Office. R. DeLong 3

  4. Research Enabling MILS Development Research Enabling MILS Development and Deployment (REMDaD REMDaD)* )* and Deployment ( l Current tasks (2011-2012) - Current tasks (2011-2012) - l (John Rushby Rushby, Dave , Dave Hanz Hanz, Rance DeLong) , Rance DeLong) (John – AADL and MILS – AADL and MILS – MIPP completion (MIPP as a document) – MIPP completion (MIPP as a document) – – “Programming the MIPP “ Programming the MIPP” ” (MIPP encoded in the CCAE) (MIPP encoded in the CCAE) – MILS Delivery, Configuration, Initialization model – MILS Delivery, Configuration, Initialization model – MILS Cross Domain Solution investigation – MILS Cross Domain Solution investigation – – MILS Network Subsystem Protection Profile MILS Network Subsystem Protection Profile * Performed at SRI, sponsored by AF Research Laboratory and AF Cryptographic Modernization Program Office. R. DeLong 4

  5. MILS is based on composition of cooperating MILS is based on composition of cooperating components defined by related Protection Profiles* components defined by related Protection Profiles* l Separation Kernel (SKPP) Separation Kernel (SKPP) l l MILS Network System (MNSPP) MILS Network System (MNSPP) l l MILS Console System (MCSPP) MILS Console System (MCSPP) l l MILS Extended Attributes PP (MEAPP) MILS Extended Attributes PP (MEAPP) l l MILS File System (MFSPP) MILS File System (MFSPP) l l . . . . . . l l MILS Integration Protection Profile (MIPP) MILS Integration Protection Profile (MIPP) l MIPP “Conforms to” SKPP “Patterned after” . . . “Extended by” MNSPP MCSPP MEAPP MFSPP R. DeLong 5

  6. Mils PPs are expected to achieve Mils PPs are expected to achieve this: this: ST SK SK 1 System A ST SK SK 2 SKPP ST SK SK 3 SK 4 MEA 2 ST SK SK 4 ST MEA MEA 1 ! Console 1 Network 3 ST MEA MEA 2 MEAPP ST MEA MEA 3 File System 3 ST MEA MEA 4 ST MCS Console 1 System B ! ST MCS Console 2 MCSPP ST MCS Console 3 CC ST MCS Console 4 SK 1 MEA 3 ST MFS File System 1 ! ST MFS File System 2 Console 4 Network 1 MFSPP ST MFS File System 3 File System 4 ST MFS File System 4 ST MNS Network 1 ST MNS Network 2 MNSPP ! = It works! ST MNS Network 3 ST MNS Network 4 R. DeLong 6

  7. Illustrative Architecture of a MILS-based Illustrative Architecture of a MILS-based MLS workstation - a collection of MLS workstation - a collection of connected “ “things things” ” connected MILS File and Client MLS Directory Client Partitions RVM Client Subsystem Partitions / Subjects Partitions / Subjects / Subjects Application Instantiator MILS Session App CORBA Manager Mgmt MILS MILS Human MLS PCS Auth I’face Console System RVM Data Devs Management Subsystem Mgmt MILS I&A Network Audit Subsystem Audit Mgmt R. DeLong 7

  8. Architecture of a MILS based of a MILS based Architecture So Something workstation - itself is So Something workstation - itself is Architecture as an Something that must be designed. Integration Framework Something that has properties. R. DeLong 8

  9. Something So This So Something is what the MIPP describes is what the MIPP describes This l The system level The system level security problem security problem (T/P/A) (T/P/A) l l The system level The system level security objectives security objectives l l The system level The system level SFRs SFRs and and SARs SARs l l A system concept and A system concept and reference architecture reference architecture l l Identification of, and connections among, the Identification of, and connections among, the components components l l A basis for formal A basis for formal composition composition of component properties of component properties l l Constraints Constraints on the MILS components that fit in the on the MILS components that fit in the “ “holes holes” ” l – Security objectives, or modified ones, that pass to the component – Security objectives, or modified ones, that pass to the component – Relationships and obligations (rely-guarantee) among the – Relationships and obligations (rely-guarantee) among the components components – – Interaction schemas for interacting components Interaction schemas for interacting components R. DeLong 9

  10. Some architecture alternatives for MILS network system Some architecture alternatives for MILS network system Apps Apps Nothing calls calls MLS Socket Layer Socket Layer Trusted Apps App Apps calls calls calls calls calls queues Transport Layer Transport Layer queues Socket Layer Socket Layer calls calls sw intr queues sw intr calls calls Network Layer Network Layer queues queues queues calls calls queues Transport Layer Transport Layer sw intr sw intr Interface Layer Interface Layer calls calls queues Mbuf queues queues Mgmt Driver Driver Dev Dev Network Layer sw intr calls queues Apps calls Code manipulates calls data in multiple Everything Interface Layer security domains Socket Layer sw intr Trusted calls queues t Mbufs / Clusters Transport Layer t t Driver Driver calls Mbuf queues b hw intr Mgmt b b Network Layer Dev Dev Dev Dev calls queues Dev Labeled Crypto Dev Sep Sep Interface Layer Combination of Driver Individual data Trusted and Untrusted items associated with a single Dev Dev Dev Dev security domain R. DeLong 10

  11. System Inputs, Outputs, Relies and System Inputs, Outputs, Relies and Guarantees Guarantees Relies Guarantees HIGH inputs HIGH outputs OOOOOOO … IIIIIIIII … S NI iiiiiiii … LOW inputs ooooooo … LOW outputs R. DeLong 11

  12. MILS System from MILS System from Components/Subsystems Components/Subsystems Constraints: Relies Guarantees H(HI,HO) OOOOOOO … IIIIIIIII … HIGH Inputs HIGH Outputs S LOW Inputs LOW Outputs iiiiiiii … ooooooo … L(LI,LO) S(HI,HO,LI,LO) Properties: P(HI,HO,LI,LO) st S ≤ P R. DeLong 12

  13. Compositional Relies / Guarantees Compositional Relies / Guarantees Relies Guarantees a) A c) C b) S A C C R. DeLong 13

  14. MILS Composite Assurance Case MILS Composite Assurance Case Compose assurance cases using Assume-Guarantee Reasoning Compose assurance cases using Assume-Guarantee Reasoning l l Assumptions from MI assurance case become requirements on the Assumptions from MI assurance case become requirements on the l l components components Assured Claims from component assurance cases become evidence Assured Claims from component assurance cases become evidence l l for MI for MI SK Assurance Argument Inference rule MI Assurance Argument Inference rule SK MNS Assurance Inference rule Argument Claims Evidence Inference rule MI Inference rule MNS Claims Evidence Inference rule Claims Evidence Inference rule MCS Claims Inference rule MCS Assurance Argument Rely Guarantee R. DeLong 14

  15. Common Criteria Authoring Environment as a distributed Common Criteria Authoring Environment as a distributed collaboration environment collaboration environment Evaluators Author CCAE CCAE ST Author CCAE CCAE Evaluators CCAE CCAE CCAE CCAE PP ST PP Co Collaboration Reviewers Reviewers Environment En CCAE CCAE CCAE CCAE CCAE Certifiers R. DeLong 15

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

MONTAGE 23 rd November 17 DEFINITION HISTORY USE IN CREATIVITY MONTAGE 15 th March 2018

MONTAGE 23 rd November 17 DEFINITION HISTORY USE IN CREATIVITY MONTAGE 15 th March 2018

MONTAGE 23 rd November 17 DEFINITION HISTORY USE IN CREATIVITY MONTAGE 15 th March 2018 Exhibition Night Brief - A group of images (3+) mounted together that tell a story or share a common theme ? ? Do they have to be What is

483 views • 23 slides
MILS C Compl plete S ete Separa rati tion P n Platf tform orm P Protec ecti tion n

MILS C Compl plete S ete Separa rati tion P n Platf tform orm P Protec ecti tion n

MILS C Compl plete S ete Separa rati tion P n Platf tform orm P Protec ecti tion n Profi file le MILS CSP PP Viola Saftig, Dr. Igor Furgel Telekom Security - T-SYSTEMS INTERNATIONAL GmbH Content/Agenda 01 Motivation 02 MILS CSP

751 views • 23 slides
Photo Montage on loop Photo Montage on loop Highlights Solid service-led sales performance

Photo Montage on loop Photo Montage on loop Highlights Solid service-led sales performance

Photo Montage on loop Photo Montage on loop Highlights Solid service-led sales performance Market share in Retail motoring and cycling grew overall Confident in long-term growth prospects for cycling Strong improvements in customer and

878 views • 52 slides
People in Action Learning Objective: To be able to create a montage to portray movement. NEXT

People in Action Learning Objective: To be able to create a montage to portray movement. NEXT

People in Action Learning Objective: To be able to create a montage to portray movement. NEXT www.planbee.com What is a montage? A montage is a series of images put together to create different effects. BACK NEXT www.planbee.com Today we

221 views • 8 slides
Compositional Certification for MILS John Rushby Computer Science Laboratory SRI International

Compositional Certification for MILS John Rushby Computer Science Laboratory SRI International

Compositional Certification for MILS John Rushby Computer Science Laboratory SRI International Menlo Park CA USA John Rushby, SR I Compositional Cert for MILS: 1 Intuitive Security Architecture Almost all system designs are portrayed in

548 views • 28 slides
Welcome to the Group of SNG-Solar! About Company Group Offices: UAB SNG Solar Lithuania

Welcome to the Group of SNG-Solar! About Company Group Offices: UAB SNG Solar Lithuania

Welcome to the Group of SNG-Solar! About Company Group Offices: UAB SNG Solar Lithuania Power-Montage GmbH & Co.KG Germany Power-Montage UE Republic of Belarus Power-Montage KZ Republic of Kazakhstan Power-Montage LLC Russian

230 views • 22 slides
BRUNSWICK MILS Urban Design Presentation Introduction Structure of this presentation:

BRUNSWICK MILS Urban Design Presentation Introduction Structure of this presentation:

BRUNSWICK MILS Urban Design Presentation Introduction Structure of this presentation: Section 1: The overarching approach/methodology for the urban design analysis Section 2: The specific urban design rationales for the MILS precincts

481 views • 24 slides
MILS Integration Protection Profile John Rushby, Rance DeLong a Computer Science Laboratory SRI

MILS Integration Protection Profile John Rushby, Rance DeLong a Computer Science Laboratory SRI

MILS Integration Protection Profile John Rushby, Rance DeLong a Computer Science Laboratory SRI International Menlo Park CA USA a Primary affiliation: LynuxWorks John Rushby, Rance DeLong, SR I MILS Integration PP: 1 Need for an Integration

533 views • 25 slides
An Evaluation and Certification An Evaluation and Certification Scheme for MILS Scheme for MILS

An Evaluation and Certification An Evaluation and Certification Scheme for MILS Scheme for MILS

An Evaluation and Certification An Evaluation and Certification Scheme for MILS Scheme for MILS Rance DeLong* Rance DeLong* The Open Group The Open Group Layered Assurance Workshop Layered Assurance Workshop December 2010 December 2010 1

355 views • 11 slides
The MILS Component Integration Approach To Secure Information Sharing Carolyn Boettcher,

The MILS Component Integration Approach To Secure Information Sharing Carolyn Boettcher,

The MILS Component Integration Approach To Secure Information Sharing Carolyn Boettcher, Raytheon, El Segundo CA Rance DeLong, LynuxWorks, San Jose CA John Rushby, SRI International, Menlo Park CA Wilmar Sifre, AFRL/RITB, Rome NY Boettcher,

414 views • 27 slides
SPECTRAL SEQUENCES TRAINING MONTAGE EXERCISES ARUN DEBRAY AND RICHARD WONG Abstract. These are

SPECTRAL SEQUENCES TRAINING MONTAGE EXERCISES ARUN DEBRAY AND RICHARD WONG Abstract. These are

SPECTRAL SEQUENCES TRAINING MONTAGE EXERCISES ARUN DEBRAY AND RICHARD WONG Abstract. These are exercises designed to accompany the 2020 Summer Minicourse Spectral Sequence Training Montage, led by Arun Debray and Richard Wong. Spectral

298 views • 5 slides
An approach to Separation of Duties validation for MILS security configurations Semen Kort,

An approach to Separation of Duties validation for MILS security configurations Semen Kort,

An approach to Separation of Duties validation for MILS security configurations Semen Kort, Dmitry Kulagin, Ekaterina Rudina Future Technologies Kaspersky Lab The objectives Discover the Describe how the Describe the

445 views • 28 slides
A Comparison of Two Methods for Building Astronomical Image Mosaics on a Grid

A Comparison of Two Methods for Building Astronomical Image Mosaics on a Grid

ESTO A Comparison of Two Methods for Building Astronomical Image Mosaics on a Grid http://montage.ipac.caltech.edu/ Montage An astronomical image mosaic service for the National Virtual Observatory Project web site -

417 views • 27 slides
Materiality and Montage: Film Archives and the Visualization of Time-Based Media Adelheid

Materiality and Montage: Film Archives and the Visualization of Time-Based Media Adelheid

Materiality and Montage: Film Archives and the Visualization of Time-Based Media Adelheid Heftberger University of Innsbruck & Austrian Film Museum Or: From Microstructure to Macrostructure Or: from Dziga Vertov to On Broadway

730 views • 31 slides
AudeoSynth: Music-Driven Video Montage Liao et al. SIGGRAPH 2015 Get a taste of it!

AudeoSynth: Music-Driven Video Montage Liao et al. SIGGRAPH 2015 Get a taste of it!

AudeoSynth: Music-Driven Video Montage Liao et al. SIGGRAPH 2015 Get a taste of it! Presentation outline - Motivation - Previous work - Problem formulation - Definition of video and music segment - Challenges - Analysis ( video +

957 views • 70 slides
MEDIUMS AND PUBLICS 1964 1967 Text/Image Fragementation/Montage Feel like television

MEDIUMS AND PUBLICS 1964 1967 Text/Image Fragementation/Montage Feel like television

MEDIUMS AND PUBLICS 1964 1967 Text/Image Fragementation/Montage Feel like television Societies have always been shaped more by the nature of the media by which men communicate than by the content of the communication. What is

612 views • 33 slides
Introduction to OpenCL David Black-Schaffer david.black-schaffer@it.uu.se 1 Disclaimer I

Introduction to OpenCL David Black-Schaffer david.black-schaffer@it.uu.se 1 Disclaimer I

Introduction to OpenCL David Black-Schaffer david.black-schaffer@it.uu.se 1 Disclaimer I worked for Apple developing OpenCL Im biased (But not in the way you might think) 2 What is OpenCL? Low-level language for

1.04k views • 61 slides
Exploring the Design Space for Adaptive Graphical User Interfaces Krzysztof Gajos (University of

Exploring the Design Space for Adaptive Graphical User Interfaces Krzysztof Gajos (University of

Exploring the Design Space for Adaptive Graphical User Interfaces Krzysztof Gajos (University of Washington) Mary Czerwinski (Microsoft Research) Desney Tan (Microsoft Research) Daniel S. Weld (University of Washington) Scope Graphical

683 views • 47 slides
Parallel and Concurrent Haskell Part I Asynchronous agents Simon Marlow Threads (Microsoft

Parallel and Concurrent Haskell Part I Asynchronous agents Simon Marlow Threads (Microsoft

Concurrent data structures Locks Parallel and Concurrent Haskell Part I Asynchronous agents Simon Marlow Threads (Microsoft Research, Cambridge, UK) Parallel Algorithms All you need is X Parallel and Concurrent Haskell ecosystem Strategies

311 views • 14 slides
A Reconstruction of a Types-and-Effects Analysis by Abstract Interpretation Letterio Galletta

A Reconstruction of a Types-and-Effects Analysis by Abstract Interpretation Letterio Galletta

A Reconstruction of a Types-and-Effects Analysis by Abstract Interpretation Letterio Galletta Dipartimento di Informatica - Universit di Pisa 19/09/2012 - ITCTCS 2012 Outline 1 Type and Effect Systems 2 Abstract Interpretation 3

762 views • 24 slides
Scalable Semidefinite Relaxation for Maximum A Posteriori Estimation Qixing Huang, Yuxin Chen, and

Scalable Semidefinite Relaxation for Maximum A Posteriori Estimation Qixing Huang, Yuxin Chen, and

ICML 2014, Beijing Scalable Semidefinite Relaxation for Maximum A Posteriori Estimation Qixing Huang, Yuxin Chen, and Leonidas Guibas Stanford University Page 1 Maximum A Posteriori (MAP) Inference Markov Random Field (MRF) w i :

777 views • 33 slides
dV/dt Accelerating the Rate of Progress towards Extreme Scale Collaborative Science Miron Livny

dV/dt Accelerating the Rate of Progress towards Extreme Scale Collaborative Science Miron Livny

dV/dt Accelerating the Rate of Progress towards Extreme Scale Collaborative Science Miron Livny (UW) Ewa Deelman, Gideon Juve, Rafael Ferreira da Silva (USC) ! Ben Tovar, Casey Robinson, Douglas Thain (ND) Frank Wuerthwein (UCSD) ! Bill

554 views • 26 slides
Alefiya Hussain hussain@isi.edu Testbed facility:

Alefiya Hussain hussain@isi.edu Testbed facility:

Alefiya Hussain hussain@isi.edu Testbed facility: Publicly available national resource to support a broad base of users and experiments

1.09k views • 17 slides
Application of Data Mining for Prospective Assembly Time Determination Dortmund / 05.09.2017, Dr.

Application of Data Mining for Prospective Assembly Time Determination Dortmund / 05.09.2017, Dr.

IDS 2017 Industrial Data Science Conference Application of Data Mining for Prospective Assembly Time Determination Dortmund / 05.09.2017, Dr. Olga Erohin and Ralf Kretschmer Agenda Miele Group and Business Unit Professional Research

374 views • 13 slides

More recommend