Issue No.06 - June (1990 vol.16)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/32.55089
<p>The primary goal of the MITRE compartmented mode workstation (CMW) project was to articulate the security requirements that workstations must meet to process highly classified intelligence data. As a basis for the validity of the requirements developed, a prototype was implemented which demonstrated that workstations could meet the requirements in an operationally useful manner while still remaining binary compatible with off-the-shelf software. The security requirements not only addressed traditional security concerns but also introduced concepts in areas such as labeling and the use of a trusted window management system. The CMW labeling paradigm is based on associating two types of security labels with objects: sensitivity levels and information labels. Sensitivity levels describe the levels at which objects must be protected. Information labels are used to prevent data overclassification and also provide a mechanism for associating with data those markings that are required for accurate data labeling, but which play no role in access control decisions. The use of a trusted window manager allows users to easily operate at multiple sensitivity levels and provides a convenient mechanism for communicating security information to users in a relatively unobtrusive manner.</p>
data overclassification prevention; MITRE compartmented mode workstation; security requirements; highly classified intelligence data; binary compatible; trusted window management system; security labels; objects; sensitivity levels; information labels; markings; accurate data labeling; multiple sensitivity levels; security of data; software engineering; workstations.
J.L. Berger, J. Picciotto, J.P.L. Woodward, P.T. Cummings, "Compartmented Mode Workstation: Prototype Highlights", IEEE Transactions on Software Engineering, vol.16, no. 6, pp. 608-618, June 1990, doi:10.1109/32.55089