Summary: | This study contributes to the realization of a high assurance Multilevel Secure Local Area Network. The system consists of a Trusted Computing Base (TCB) that acts as a server base. Clients are COTS workstations and software, augmented with a hardware-based TCB Extension (TCBE). This work concentrates on object reuse control on the client, which is one of the security services to be provided by the TCBE. Object reuse mechanisms are designed to assure that sensitive information does not persist across sessions or session level changes. We analyzed 29 chips on the PC motherboard. We proposed and evaluated possible solutions for object reuse control of four storage areas: main memory, AGP memory, cache and Real Time Clock (RTC) memory. The feasibility of one proposed solution was demonstrated. We found that main memory can be cleared by slowing its refresh rate. It was determined that AGP memory cannot be read out by devices on the PCI and ISA bus. The Intel INVD command can be used to clear cache. RTC memory can be accessed and its integrity checked by TCBE software. This study establishes a foundation for object reuse control efforts targeting COTS PC products manufactured by various vendors.
|