SBIR-STTR Award

This effort addresses the requirements and design issues surrounding the development of secure computer networks. We propose a design for a secure computer network which incorporates network security devices. This network is expected to provide a processing environment with acceptable performance where sharing of classified information may be accomplished with confidence in the preservation of the security and integrity of the information being manipulated. The phase I work shall determine the feasibility of using a family of network security devices in order to attain computer network security. In doing so, it shall provide a formal top-level specification of a secure network and of the functionality of the network security device used to attain that security.

This proposal addresses the prototype development of a secure local area network (LAN) that incorporates network security devices and a network security center. The secure LAN will provide a processing environment where transmission of data at multiple security levels may be accomplished with confidence in the preservation of the security and integrity of the data. The phase ii work will develop a prototype secure LAN that is not only fully functional, but that is based on the requirements for a class al system as defined by the department of defense trusted computer system evaluation criteria. The al criteria stipulate verified design, and thus a key aspect of the phase ii effort will be the verification of a formal top-level specification of the system against a mathematical model of network security.