1996-01-09 - NSA and NT security

Header Data

From: Corey Bridges <corey@netscape.com>
To: cypherpunks@toad.com
Message Hash: 1005d4616e3871643d1eb925f281a4b542f963d0f363b0d54c0c4e5fbb3f6abb
Message ID: <199601091826.KAA06961@urchin.netscape.com>
Reply To: N/A
UTC Datetime: 1996-01-09 19:00:54 UTC
Raw Date: Wed, 10 Jan 1996 03:00:54 +0800

Raw message

From: Corey Bridges <corey@netscape.com>
Date: Wed, 10 Jan 1996 03:00:54 +0800
To: cypherpunks@toad.com
Subject: NSA and NT security
Message-ID: <199601091826.KAA06961@urchin.netscape.com>
MIME-Version: 1.0
Content-Type: text/plain



PALO ALTO, Calif., Jan. 8 /PRNewswire/ via Individual Inc. -- Global
Internet today announced that the National Security Agency has awarded them
a contract to conduct a feasibility study on raising the security level of
Windows NT 3.51 to B-level. Global Internet will analyze Windows NT's
ability to meet B-level security requirements, as well as develop a software
prototype that demonstrates a Fortezza-based cryptocard access control
mechanism. 

The contract was granted by the NSA under the Multilevel Information System
Security Initiative (MISSI), which has the charter to provide security
services for information ranging from Unclassified but Sensitive up to and
including Top Secret. Windows NT was originally designed with security in
mind. A NSA evaluation team has determined that Windows NT 3.5 with Service
Pack 3 satisfies all class C-2 security requirements. B-level of security
strengthens the C2 level security features while providing stricter system
assurances. 

Global Internet has a proven expertise with Windows NT. Centri TNT is the
only network security solution that is fully integrated into Windows NT
TCP/IP networks by complementing and extending Windows NT's inherent
strengths, while maintaining 100% compatibility with existing applications.
Global Internet also has extensive experience architecting, designing and
developing high level secure operating systems. 

"This project addresses anticipated security requirements for DOD, as well
as commercial customers using Windows NT," said Michelle Ruppel, a director
of the Global Internet Software Group. "Our analysis will address
compatibility issues with B-level security requirements and identify the
changes necessary to provide this level of support." 

According to Outlink, Inc., a New York-based research and publishing firm
focusing on the information security market, about 80% of the PC hardware
market supports Microsoft's DOS and Windows 3.1. This combination, though
popular, does not provide inherent security features such as secure login,
access control, auditing and self-protection. Strong access control is a
highly desirable function of the MISSI architecture. Trusted Operating
Systems will play a role in the MISSI success. 

Windows NT is a modular OS and combined with its current security features
that are based on the Trusted Products Evaluation Program (TPEP) C2 level of
security and it's ability to operate on the majority of customer platforms
while supporting DOS and Windows applications, the architecture lends itself
to support B-level requirements. 

An operating system with few security features allows anyone to use the
machine without validating their identity, while allowing access to all
files, objects and resources. C2 level security includes: auditing to allow
security-relevant events to be recorded and monitored, discretionary
(need-to-know) access controls to mediate who can access (read or write) files
and other objects and identification and authentication (login) to require
users to identify themselves to the system before they are allowed to use
the system. 

B-level security additionally includes: labeling of users, files and other
objects with a sensitivity label, mandatory access controls to enforce a
security policy based on the labels of the users and objects and trusted
path that ensures users they are using the actual programs provided with the
system. 

The Global Internet Software Group specializes in security software for
Windows NT networks and other operating environments. The Software Group is
a division of Global Internet, a full-service internetworking solutions
company focusing on secure, reliable internetworking software and services.
Located in Palo Alto, California, Global Internet is privately held and was
founded in 1993. Global Internet Home Page: http://www.gi.net. 

/CONTACT: Jim Adams of Adams And Associates, 408-370-5390, or E-mail:
jaadams@ix.netcom.com, for Global Internet; or Mark R. Kriss of Global
Internet, 415-855-1700, or E-mail: mkriss@gi.net/ 






Thread