Learn More
Blurring the line between software and hardware, reconfigurable devices strike a balance between the raw high speed of custom silicon and the post-fabrication flexibility of general-purpose processors. While this flexibility is a boon for embedded system developers, who can now rapidly prototype and deploy solutions with performance approaching custom(More)
Requirements specifications for high assurance secure systems are rare in the open literature. This paper examines the development of a requirements document for a multilevel secure system that must meet stringent assurance and evaluation requirements. The system is designed to be secure, yet combines popular commercial components with specialized high(More)
The IPsec protocol provides a mechanism to enforce a range of security services for both confidentiality and integrity, enabling secure transmission of information across networks. Dynamic parameterization of IPsec, via the KeyNote trust management system, further enables security mechanisms to adjust the level of security service " on-the-fly " to respond(More)
1. We examine the concept of security as a dimension of Quality of Service in distributed systems. Implicit to the concept of Quality of Service is the notion of choice or variation. Security services also offer a range of choice both from the user perspective and among the underlying resources. We provide a discus­ sion and examples of user-specified(More)
High assurance systems used in avionics, medical implants, and cryptographic devices often rely on a small trusted base of hardware and software to manage the rest of the system. Crafting the core of such a system in a way that achieves flexibility, security, and performance requires a careful balancing act. Simple static primitives with hard partitions of(More)
This paper presents a Quality of Security Service (QoSS) costing framework and demonstration. A method for quantifying costs related to the security service and for storing and retrieving security information is illustrated. We describe a security model for tasks, which incorporates the ideas of variant security services invoked by the task, dynamic network(More)
When users' tasks in a distributed heterogeneous computing environment (e.g., cluster of heterogeneous computers) are allocated resources, the total demand placed on some system resources by the tasks, for a given interval of time, may exceed the availability of those resources. In such a case, some tasks may receive degraded service or be dropped from the(More)
Various system architectures have been proposed for high assurance enforcement of multilevel security. This paper provides an analysis of the relative merits of three architectural types -- one based on a security kernel, another based on a traditional separation kernel, and a third based on a least-privilege separation kernel. We introduce the Least(More)
FPGAs combine the programmability of processors with the performance of custom hardware. As they become more common in critical embedded systems, new techniques are necessary to manage security in FPGA designs. This article discusses FPGA security problems and current research on reconfigurable devices and security, and presents security primitives and a(More)