Charles N. Payne

Accreditors want to know what vulnerabilities will exist if they decide to turn on a system. TCSEC evaluations address products, not systems. Not only the hardware and software of a system are of concern; the accreditor needs to view these components in relation to the environment in which they operate and in relation to the system's mission and the threats…
Coordinating multiple overlapping defense mechanisms, at differing levels of abstraction, is fraught with the potential for misconfiguration, so there is strong motivation to generate policies for those mechanisms from a single specification in order to avoid that risk. This paper presents our experience and the lessons learned as we developed, validated…
Napoleon consists of three parts: a model for specifying security policies for a heterogeneous set of network resources, a graphical tool for manipulating the model, and software to translate the policy to target security mechanisms. This paper focuses on how the layered policy approach in the Napoleon model has been generalized to allow for adding…
The insider threat has assumed increasing importance as our dependence on critical cyber information infrastructure has increased. In this paper we describe an approach for thwarting and attributing insider attacks. The Sense, Prepare, Detect, and React (SPDR) approach utilizes both a highly intelligent software reasoning system to anticipate, recognize,…
Approved for public release; distribution unlimited. Abstract: The External COMSEC Adaptor (ECA) is a device responsible for providing cryptographic protection of information based on rules that (possibly coarsely) define the sensitivity of that information. The ECA is trusted to satisfy a set of critical requirements that support data confidentiality in the…
The Unified Cross Domain Management Office (UCDMO) states that its mission is to provide coordination and oversight for the cross domain community's vision of "secur[ing] cross domain access to and sharing of timely and trusted information, creating a seamless Enterprise that enables decision advantage." [14] The UCDMO defines three types of cross domain…