Partitioning Communication System
Appearance
This article includes a list of references, related reading, or external links, but its sources remain unclear because it lacks inline citations. (November 2021) |
Partitioning Communication System is a computer and communications security architecture based on an information flow separation policy. The PCS extends the four foundational security policies of a MILS (Multiple Independent Levels of Security) software architecture to the network:
- End-to-end Information Flow
- End-to-end Data Isolation
- End-to-end Periods Processing
- End-to-end Damage Limitation
The PCS leverages software separation to enable application layer entities to enforce, manage, and control application layer security policies in such a manner that the application layer security policies are:
- Non-bypassable
- Evaluatable
- Always-invoked
- Tamper-proof
The result is a communications architecture that allows a software separation kernel and the PCS to share responsibility of security with the application.
The PCS was invented by OIS. OIS collaborated extensively on the requirements for the PCS with:
- National Security Agency
- Air Force Research Laboratory
- University of Idaho
- Lockheed Martin
- Boeing
- Rockwell Collins
References
[edit]- Vanfleet, W. Mark; Luke, Jahn A.; Beckwith, R. William; Taylor, Carol; Calloni, Ben; Unchenick, Gordon (August 2005). "MILS - Architecture for High-Assurance Embedded Computing". Crosstalk (Aug 2005). Archived from the original on 2007-03-19.
- Presentation at OMG Software Based Communications Workshop
- Beckwith, R. William. "MILS Partitioning Communication System". Objective Interface Systems, Inc. Archived from the original on 2007-09-28.