Finished Projects
A High Assurance, Multilevel Secure Web server
The Multilevel Secure (MLS) Web server protects against unauthorized attempts by users of the World Wide Web (WWW) to modify web data. This product also protects against attempts to gain unauthorized access to sensitive information. The MLS Web server uses the Trusted Mach® (TMach) system's MLS capabilities to protect against such attacks.
Commercial web servers have well-known vulnerabilities that allow remote users to modify or destroy web data. This product closes these vulnerabilities by using the TMach system capability that restricts an application to write data only at the same level at which the application (eg., web server program) is executing. If the web data is stored below the application's execution level, then the application cannot modify or destroy it, no matter what vulnerability that commercial web server program may have.
The MLS capabilities of the TMach system provide a natural base for implementing a multilevel secure web service. This is achieved by executing multiple instances of commercial web server programs on the TMach base, one for every network to which the machine is connected. The result is that the web server program offering service to clients on a particular network can only read data that is accessible to that network and any attempt to access data not available through that network is denied.
In commercial situations, the MLS Web server can be configured to store the organization's proprietary data at a higher level than data that is public. Anyone connecting from a public network like the Internet, would then be limited to accessing the public data, while requests from the internal network would be able to access both public and proprietary data. The MLS Web server is also suitable for military organizations that wish to serve user communities with different clearance privileges.