Accession Number : ADA327129
Title : The JMCIS Information Flow Improvement (JIFI) Assurance Strategy.
Descriptive Note : Rept. for 1 Oct 95-30 Sep 96,
Corporate Author : NAVAL RESEARCH LAB WASHINGTON DC COMPUTER SECURITY SECTION
Personal Author(s) : Moore, Andrew P.
PDF Url : ADA327129
Report Date : 30 MAY 1997
Pagination or Media Count : 60
Abstract : The Joint Maritime Command Information System (JMCIS) provides a common operating environment for Naval tactical decision aids that currently operates two distinct system high enclaves, one at SECRET/GENSER and one at TOP SECRET/SCI. NRL Code 5540 is developing an extension of JMCIS, called JIFI (JMCIS Information Flow Improvement), to improve the timeliness and accuracy of GENSER information available to SCI JMCIS analysts while maintaining the security posture of the system. This document describes the strategy for developing the evidence that JIFI satisfies its critical security requirements. The strategy views databases in more classified enclaves as potential replica sites for data from less classified enclaves. Replicated data flows from lower enclaves to higher ones via simple one-way connections, yielding a high assurance MLS distributed system. The system high enclaves ensure discretionary security. The one-way connections are the only trusted component with respect to mandatory security. The JIFI architecture incorporates a one-way communications device, called the Pump, and existing COTS database replication technology to provide the extended JMCIS function. The JIFI assurance strategy described here complements and exploits modern system design methods, which separate data management from data processing, and enables effective low-cost MLS operation within the paradigm.
Descriptors : *INFORMATION EXCHANGE, *DATA PROCESSING SECURITY, *DECISION AIDS, *TACTICAL DATA SYSTEMS, DATA BASES, DATA PROCESSING, REQUIREMENTS, STRATEGY, DATA MANAGEMENT, NAVY, SITES, COMMUNICATION EQUIPMENT, ACCURACY, FLOW, REPLICAS, TIMELINESS.
Subject Categories : Computer Systems
Computer Systems Management and Standards
Distribution Statement : APPROVED FOR PUBLIC RELEASE