 | This article includes a list of references, related reading, or external links, but its sources remain unclear because it lacks inline citations. Please help improve this article by introducing more precise citations. (November 2021) (Learn how and when to remove this message) |
Partitioning Communication System is a computer and communications security architecture based on an information flow separation policy. The PCS extends the four foundational security policies of a MILS (Multiple Independent Levels of Security) software architecture to the network:
- End-to-end Information Flow
- End-to-end Data Isolation
- End-to-end Periods Processing
- End-to-end Damage Limitation
The PCS leverages software separation to enable application layer entities to enforce, manage, and control application layer security policies in such a manner that the application layer security policies are:
- Non-bypassable
- Evaluatable
- Always-invoked
- Tamper-proof
The result is a communications architecture that allows a software separation kernel and the PCS to share responsibility of security with the application.
The PCS was invented by OIS. OIS collaborated extensively on the requirements for the PCS with:
- National Security Agency
- Air Force Research Laboratory
- University of Idaho
- Lockheed Martin
- Boeing
- Rockwell Collins
References
- Vanfleet, W. Mark; Luke, Jahn A.; Beckwith, R. William; Taylor, Carol; Calloni, Ben; Unchenick, Gordon (August 2005). "MILS - Architecture for High-Assurance Embedded Computing". Crosstalk (Aug 2005). Archived from the original on 2007-03-19.
- Presentation at OMG Software Based Communications Workshop
- Beckwith, R. William. "MILS Partitioning Communication System". Objective Interface Systems, Inc. Archived from the original on 2007-09-28.