Episode 3 – Roger Schell: High Assurance in the Twenty-First Century
Bob Blakley and Lorrie Cranor
Share this on:
In the third episode of Over the Rainbow Podcast: 21st Century Security & Privacy Podcast, hosts Lorrie Cranor and Bob Blakely discuss with Roger Schell the history of high-assurance systems and their place in the 21st-century cybersecurity landscape. Roger Schell led the development of the “Orange Book” — the first volume of the US Government’s “Rainbow Series” of Computer Security standards, which was one of the inspirations for this podcast’s title.
The Orange Book was based on the concept of a reference monitor — an operating system kernel that could be proven secure because it was constructed in a way that supported a proof of its security. The government’s effort to stimulate the emergence of a market for high-assurance systems in the 1980s and 1990s failed, but no subsequent system design principle has proven capable of achieving similar levels of security.