You are here

Uncategorized

Consulting

I am available for consulting to private and educational organizations, government contractors, and government agencies. Click here for contact information.

Here are examples of consulting activities I have performed over the years.

Taxonomy upgrade extras: 

Cross Domain Security

I first encountered the term cross domain security (or cross domain systems, or cross domain solutions, or just CDS) at a workshop in the late 1990s. We were discussing the problem of how to share information with coalition forces even though different countries had different, treaty-based access to US defense information. Even worse, there were coalitions that contained countries who were not on the best of terms (like Japan and Korea).

Taxonomy upgrade extras: 

MLS Introduction

Multilevel security (MLS) has posed a challenge to the computer security community since the 1960s. MLS sounds like a mundane problem in access control: allow information to flow freely between recipients in a computing system who have appropriate security clearances while preventing leaks to unauthorized recipients. However, MLS systems incorporate two essential features: first, the system must enforce these restrictions regardless of the actions of system users or administrators, and second, MLS systems strive to enforce these restrictions with incredibly high reliability.

Taxonomy upgrade extras: 

Publications

Picking Passwords

More and more of us are stuck choosing passwords that only Mordac could love.

Mordac is the "preventer of information services" who appears in my favorite Dilbert cartoon about password management. A "Mordac password" contains a collection of different types of characters: both upper and lower case, plus digits, plus punctuation, plus anything else they can think of.

Taxonomy upgrade extras: 

Multilevel Security

Multilevel security (MLS) is a technology to protect secrets from leaking between computer users, when some are allowed to see those secrets and others are not. This is generally used in defense applications (the military and intelligence communities) since nobody else is nearly as paranoid about data leaking. A modern wrinkle on this is called cross domain systems (CDS) in which we speak of domains instead of levels, and are usually sharing data on computer networks instead of individual computers

Taxonomy upgrade extras: 

Creative Commons Attribution

Creative Commons License This item is Copyright by Rick Smith of Cryptosmith LLC.

It is licensed for use by others under the Creative Commons Attribution 3.0 United States License.

Wordpress tag: 
Post category: 

Theme by Danetsoft and Danang Probo Sayekti inspired by Maksimer