14th Annual Computer Security Applications Conference
December 7-11, 1998
Phoenix, Arizona


Private Desktops and Shared Store

Bryony Pomeroy and Simon Wiseman

Modern interconnected computer systems handling classified information can be built using mainstream COTS software platforms. The technique provides each user with a private desktop in which to work, along with services for sharing data. Within a desktop, the user is helped to label their data. When data is shared, labelling prevents accidental compromise, but other measures defend against other forms of compromise.

Purple Penelope is a prototype that extends Windows NT security to support this approach. It adds discretionary labelling, easy-to-use role-based access controls, and effective accounting and audit measures to shared files.