15th Annual Computer Security Applications Conference
December 6-10, 1999
Phoenix, Arizona

Tools to Support Secure Enterprise Computing

Myong H. Kang, mkang@itd.nrl.navy.mil
Brian J. Eppinger
Judith N. Froscher

Naval Research Laboratory
Information Technology Division
Code 5540
Washington DC 20375

Keywords: Security, Enterprise computing, Workflow, Tool

Secure enterprise programming is a difficult and tedious task. Programmers need tools that support different levels of abstraction and that track all the components that participate in distributed enterprises. Those components must cooperate in a distributed environment to achieve higher-level goals. A special case of secure enterprise computing is multilevel secure (MLS) computing. Components that may reside in different security domains have to cooperate to achieve higher-level missions.

To ease the programmerís burden, we are developing an MLS workflow management system (WFMS), called MLS METEOR. A programmer can specify a distributed programming logic through a GUI-based workflow design tool. Based on the programming logic, MLS METEOR will generate a distributed runtime system that handles communication among different hosts, even those that reside in different classification domains. The multilevel security enforcement of MLS METEOR does not depend on the WFMS itself but rather on the underlying MLS infrastructure and a few security critical components. This paper concentrates on the system organization of MLS METEOR and the rationale for this structure. We explain which portions of the system can be used in generic enterprise computing and which portions are specific to MLS computing.