Edit WYSIWYGattachfile Attach PDF Raw View►More Actions▼More Actions


Restore topic to revision: You will be able to review the topic before saving it to a new revision

Copy text and form data to a new topic (no attachments will be copied though).
Name of copy:
You will be able to review the copied topic before saving

Rename/move topic... scans links in all public webs (recommended)
Rename/move topic... scans links in CBI_ComputerSecurity web only
Delete topic... scans links in all public webs (recommended)
Delete topic... scans links in CBI_ComputerSecurity web only

Revision Date Username Comment
1829 Dec 2015 - 17:40ThomasMisa 
1729 Dec 2015 - 17:39ThomasMisa 
1608 Dec 2014 - 10:47ThomasMisa 
1522 Jul 2014 - 17:15ThomasMisa 
1422 Jul 2014 - 16:57ThomasMisa 
1322 Jul 2014 - 16:49ThomasMisa 
1222 Jul 2014 - 14:35ThomasMisa 
1122 Jul 2014 - 14:12ThomasMisa 
1022 Jul 2014 - 14:07ThomasMisa 
922 Jul 2014 - 14:01ThomasMisaAttached file Screen_shot_2014-07-22_at_1.58.23_PM.png 
earlier first

Render style:     Context:


 History: r18 < r17 < r16 < r15 < r14
[X] Hide this message.
Notice: On June 30, 2016, UMWiki service will be decommissioned. If you have information in UMWIki that needs to be preserved, you should make plans to move it before that date. Google Sites is anticipated to be the most popular and appropriate alternative for users because it offers a more modern and user-friendly interface and unlimited capacity. To learn more about the features of Google Sites and other alternatives, and to identify which one best fits your needs, see the University’s Website Solution Selection Guide. If you have concerns or would like help regarding this change and your options, please contact Technology Help at help@umn.edu
You are here: UMWiki>CBI_ComputerSecurity Web>Systems>SystemsBlacker (revision 18)

Current Activitieslock Who is Who?lock People Programs Publications CSHW_2014 Systems Events Mechanisms

BLACKER

 

BLACKER was the first wide-area computer-network security project -- and only the second or third system of any kind -- to achieve the top "A1" rating of the Trusted Computer System Evaluation Criteria (TCSEC), which it earned in 1991. (Boeing's Secure Local Area Network was also so designated in 1991.) A U.S. Department of Defense project conducted jointly by System Development Corporation and Burroughs, BLACKER was the first end-to-end trusted encryption system on the U.S. Defense Data Network (DDN).(1)

Four elements of the system were developed by the military systems division of Unisys. (In 1980 SDC had been sold to Burroughs, and in 1986 Burroughs and Sperry merged to form Unisys.) (1) The BLACKER front end (BFE) was an encryption box that sat between the host computer and the packet switched network. (2) The BLACKER initialization-parameters carrier (BIC), a "cigarette-box sized" removable device, provided host-specific operational and security parameters. The two other devices on the network (3-4) controlled the permissions for message exchange (this Access Control Center was described as the "brains" of the system) and distributed security keys (Key Distribution Center). There were provisions for 50 secure hosts per backbone and up to 1,000 hosts per domain, with internetworking allowing a system of up to 50,000 hosts.(2)

BLACKER employed the Bell-LaPadula security model, where a host computer served as a "subject," and the encrypted network was the "object." However, applying the highly logical Bell-LaPadula model to networked security was not straightforward. These difficulties pointed to limitations in the Bell-LaPadula model in computer security.(3) (4)

BLACKER was implemented on the DDN using Cisco Systems X.25. The front-end encryption (BFE) allowed host computers to communicate securely over unsecured packet-switched networks. The virtual network between the BFE-secured machines was called the "red" network. The packet-switched network, carrying both the secured BFE traffic as well as unsecured traffic, was called the "black" network.(5)

Blacker DDN diagram (from Weissman 1992):
Screen_shot_2014-07-22_at_1.58.23_PM.png

Notes

1 , 4 : Donald MacKenzie, Mechanizing Proof: Computing, Risk, and Trust (MIT Press, 2001), 181, 190-191.

2 : lock Clark Weissman, BLACKER: Security for the DDN Examples of A1 Security Engineering Trades IEEE Computer Society Symposium on Research in Security and Privacy (IEEE, 1992), 286. (Login required)

3 : lock Clark Weissman, BLACKER: Security for the DDN Examples of A1 Security Engineering Trades IEEE Computer Society Symposium on Research in Security and Privacy (IEEE, 1992), 287. (Login required)

5 : lock Emil V. DeRenzo, et al, The Integrated Tactical Data Network (ITDN): Multi-Security Level Tactical/Strategic Connectivity Through Existing Packet Switching Technology Military Communications Conference, 1990. MILCOM Conference Record, A New Era (IEEE, 1990), 2-4, 6. (Login required)


Topic attachments
I Attachment Action Size Date WhoSorted ascending Comment
pngpng Screen_shot_2014-07-22_at_1.58.23_PM.png manage 102.7 K 22 Jul 2014 - 13:59 ThomasMisa Blacker DDN diagram
Topic revision: r18 - 29 Dec 2015 - 17:40:41 - ThomasMisa
 
Signed in as lewi0740 (NicLewis) | Sign out
UMWiki UMWiki
This site is powered by FoswikiCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding UMWiki? Send feedback