Architectures and Components for High-Assurance Security
Page Content
 |
Carl Landwehr - Mitretek
Oct 01, 1999
Abstract
"High assurance security" is what you need if you are trying to separate users who have different security clearances from information at different security levels. It may also be what you need if you are concerned about protecting particularly critical information such as health records, crucial corporate data, or valuable intellectual property from motivated, knowledgeable attackers. This talk will review briefly past efforts to solve this problem, why they failed, and some current approaches that look more promising. These approaches largely avoid the need for high assurance software and can work with commercial operating systems. The focus of this work is mostly on preserving confidentiality -- see next week's talk for an approach to preserving availability!About the Speaker
Carl Landwehr recently joined Mitretek Systems as a Senior Fellow in the Center for Information Systems. From 1976-1999, he was with the Naval Research Laboratory, serving most recently as head of the Computer Security Section of the Center for High Assurance Computer Systems. He has published numerous papers on research topics in computer security, including surveys on computer security models and a taxonomy for computer security flaws, and he has co-edited eight books. Recently, he was awarded a patent for a device that supports continuous authentication. While at NRL, he served as the U.S. representative to NATO and TTCP groups concerned with information security R&D. He has been active professionally in ACM, IEEE Computer Society, and IFIP, and he has assisted the National Research Council on computer security aspects of several studies, including a current study on Enhancing the Internet for Biomedical Applications. He also serves as an Associate Editor for IEEE Transactions on Software Engineering.Dr.Landwehr received a B.S. in Engineering and Applied Science from Yale University and M.S. and Ph.D. degrees in Computer and Communication Sciences from the University of Michigan. He served on the Computer Science faculty at Purdue from 1974-1975 and has also taught at Georgetown, the University of Maryland, and Virginia Tech.
© 1999-2013 Purdue University. All rights reserved.
Use/Reuse Guidelines
CERIAS Seminar materials are intended for educational, non-commercial use only and any or all commercial use is prohibited. Any use must attribute "The CERIAS Seminar at Purdue University." Opinions expressed in the recordings are not necessarily representative of the views of CERIAS or of Purdue University.
Footer
RSS Feeds
Combined XML Feed
News XML Feed Events XML Feed Weblogs XML Feed Security Seminar Podcast
Twitter: @cerias, @ceriasarchive, #cerias
CERIAS, Purdue University / Recitation Building / 656 Oval Drive / West Lafayette IN 47907-2086
phone (765)494-7841 / fax (765)496-3181
Copyright © 2013, Purdue University, all rights reserved. Purdue University is an equal access/equal opportunity university.
If you have trouble accessing this page because of a disability, please contact the CERIAS webmaster at webmaster@cerias.purdue.edu. Some content on this site may require the use of a special plug-in or application. Please visit our plug-ins page for links to download these applications.
Privacy Policy
