Network security: Protocol reference model and the trusted computer system evaluation criteria

Issues arising from the application of the Trusted Computer System Evaluation Criteria (TCSEC) to networks are discussed, particularly those requiring further research. The focus is on how to integrate many of the concepts in the Open Systems Interconnection (OSI) security addendum into the framework of the TCSEC. The discussion covers the protocol architectural issues of the trusted network with particular emphasis on the relationship among network protocols, protocol reference model, and network security. It is argued that application of the TCSEC to computer networks requires incorporation of a network protocol reference model as implemented in a protocol suite.

[1]  Stuart Wecker Computer Network Architectures , 1979, Computer.

[2]  David J. Kaufman,et al.  A centralized approach to computer network security , 1976, AFIPS '76.

[3]  P. S. Tasker,et al.  DEPARTMENT OF DEFENSE TRUSTED COMPUTER SYSTEM EVALUATION CRITERIA , 1985 .

[4]  Dorothy E. Denning,et al.  Protecting Public Keys and Signature Keys , 1983, Computer.

[5]  Gérard Berthelot,et al.  Petri Nets Theory for the Correctness of Protocols , 1982, PSTV.

[6]  M. Greenlee Requirements for key management protocols in the wholesale financial services industry , 1985, IEEE Communications Magazine.

[7]  Deepinder P. Sidhu Protocol Verification via Executable Logic Specifications , 1983, Protocol Specification, Testing, and Verification.

[8]  Eric C. Rosen,et al.  Vulnerabilities of network control protocols: an example , 1981, CCRV.

[9]  Stephen T. Kent,et al.  Security Mechanisms in High-Level Network Protocols , 1983, CSUR.

[10]  P. Merlin,et al.  Specification and Validation of Protocols , 1979, IEEE Trans. Commun..

[11]  Carl E. Landwehr A Survey of Formal Models for Computer Security. , 1981 .

[12]  D. Elliott Bell Secure Computer Systems: A Refinement of the Mathematical Model , 1974 .

[13]  Marshall D. Abrams,et al.  Tutorial computer and network security , 1986 .

[14]  G. Hoover,et al.  X.25 Conformance testing-A tutorial , 1986, IEEE Communications Magazine.

[15]  Carl E. Landwehr,et al.  A security model for military message systems , 1984, TOCS.

[16]  Wai Lai,et al.  Protocol Traps in Computer Networks - A Catalog , 1982, IEEE Transactions on Communications.