Department of Defense (DoD) requires Controlled Access Protection (CAP)
for classified information processing. The Windows 2000 CAP functionality,
with an Evaluated Assurance Level (EAL) 4, is not sufficient. This
presentation
describes CAP for the Joint Mission Planning System (JMPS). It describes
the Windows functionality we used, how we used it, the security features
satisfied and, more importantly, the shortfalls of Windows 2000 and how we
compensated for them. JMPS is also required to be Defense Information
Infrastructure (DII) Common Operating Environment (COE) level 6
compliant. This presentation describes our use of COE with the impacts
and
benefits.
This presentation is beneficial to Microsoft and system
developers. This enables Microsoft to provide an inherent capability
allowing consistent deployment and training processes across DoD. Other
developers will understand our design approach, the security requirements
satisfied, the level of effort required to implement it, and its impact on
the overall security certification and accreditation.
|
Wednesday