Carl Landwehr - Mitretek
"Architectures and Components for High-Assurance Security"
Oct 01, 1999
Abstract"High assurance security" is what you need if you are trying to separate users who have different security clearances from information at different security levels. It may also be what you need if you are concerned about protecting particularly critical information such as health records, crucial corporate data, or valuable intellectual property from motivated, knowledgeable attackers. This talk will review briefly past efforts to solve this problem, why they failed, and some current approaches that look more promising. These approaches largely avoid the need for high assurance software and can work with commercial operating systems. The focus of this work is mostly on preserving confidentiality -- see next week's talk for an approach to preserving availability!
About the Speaker
Carl Landwehr recently joined Mitretek Systems as a Senior Fellow in the Center for Information Systems. From 1976-1999, he was with the Naval Research Laboratory, serving most recently as head of the Computer Security Section of the Center for High Assurance Computer Systems. He has published numerous papers on research topics in computer security, including surveys on computer security models and a taxonomy for computer security flaws, and he has co-edited eight books. Recently, he was awarded a patent for a device that supports continuous authentication. While at NRL, he served as the U.S. representative to NATO and TTCP groups concerned with information security R&D. He has been active professionally in ACM, IEEE Computer Society, and IFIP, and he has assisted the National Research Council on computer security aspects of several studies, including a current study on Enhancing the Internet for Biomedical Applications. He also serves as an Associate Editor for IEEE Transactions on Software Engineering.
Dr.Landwehr received a B.S. in Engineering and Applied Science from Yale University and M.S. and Ph.D. degrees in Computer and Communication Sciences from the University of Michigan. He served on the Computer Science faculty at Purdue from 1974-1975 and has also taught at Georgetown, the University of Maryland, and Virginia Tech.
Unless otherwise noted, the security Fall and Spring seminar series is held on Wednesdays at 4:30P.M. STEW G52 (Suite 050B), West Lafayette Campus. More information...