55 ;;Quote: multilevel security: each individual is assigned a clearance and each item of information has a classification; widely used

55 ;;Quote: security partition: a set of compartments accessible by an individual, and a clearance or classification

55 ;;Quote: conventional computer systems do not enforce multilevel security; subverted by trap doors and trojan horses

57 ;;Quote: reference monitor for trustworthy access to untrusted components and data; checks each access against policy and record so far

57 ;;Quote: a security kernel mistakenly combines separation and mediation of security issues

57 ;;Quote: physically separate untrusted computing resources and the security processors

57 ;;Quote: temporally separate activities in different security partitions by reinitializing an untrusted host

57 ;;Quote: security processors contain a separation kernel to logically separate reference monitors and untrusted support functions

57 ;;Quote: separation kernels are smaller, less complicated, faster, and more easily verified then security kernels

57 ;;Quote: cryptographic separation for different uses of shared communication and storage media

58 ;;Quote: implemented the secure Newcastle_Connection as a Unix layer above the kernel

60 ;;Quote: cipher block chaining prevents information leaks by modulating message contents, but not leaks from pattern-of-use channels

60 ;;Quote: separate communication channels by encryption and a high-quality checksum that includes a message's identification fields

61 ;;Quote: separate communication channels by a different encryption key for each security partition

62 ;;Quote: use a trustworthy intermediary for secure information flow; e.g., a low-level host places a file in a secure store for reading by a high-level host

63 ;;Quote: partition secure file system into trusted and untrusted machines; the secure file manager enforces secure access to the untrusted file storage

63 ;;Quote: secure file manager adds a checksum to prevent top secret information from leaking from the file store

64 ;;Quote: secure file manager maintains a complete history of the last five minutes; prevents frequent versions of the same file for a pattern-of-use channel

64 ;;Quote: a file storage machine can be used for multiple security partitions since leaks are prevented by the secure file manager