The Trusted Services Engine (TSE) is network-enabled software appliance based on web standards that enables secure file sharing across multiple security levels. The TSE allows users at higher security levels to gain an integrated view with read-only access to un-replicated files at lower levels and read/write access to files at their own level. It is designed for high assurance, including a formal proof that the secure read-down policy will be enforced by the system. The TSE is designed to be hosted on a high assurance separation kernel, and is currently hosted on Security-Enhanced Linux (SELinux).
Availability: GOTS. Contact us for access to the technology.Wait-Free File System (WFFS)
The TSE’s requirement that “read-downs” from HIGH security levels to LOW do not introduce a covert channel places a novel constraint on a file system design. To provide high assurance separation, the TSE uses separate file systems, one per security level, without any direct communication between file systems. This complicates maintaining consistent caches between file systems, yet HIGH must access the LOW disk at any point without reading inconsistent data.
The Wait-Free File System (WFFS) provides these consistency properties, which are built using a synchronization mechanism similar to “wait-free” techniques used in multiprocessor systems to synchronize access to shared memory.