
SecureWare Compartmented Mode Workstation Plus

protocol7

Stumbled upon this while looking through Google and figured I'd post it here.

CMW+ was a multilevel secure version of A/UX geared towards federal contracts (defense, etc.) where strong security was required. It was developed by SecureWare, and version 1.0 was based on A/UX 1.1.

Subject: SecureWare CMW+ Product Bulletin

Product Evaluation Bulletin

REPORT NO: CSC-PB-002-90

AS OF: June 1990

PRODUCT: Compartmented Mode Workstation Plus

VENDOR: SecureWare, Inc.

CANDIDATE CLASS: B1

PRODUCT DESCRIPTION:

SecureWare’s Compartmented Mode Workstation Plus (CMW+) Version 1.0 is a multilevel secure version of Apple Computer’s A/UX Release 1.1 for the Macintosh IIx and Macintosh IIcx workstations. It incorporates trusted versions of the X Window System 11R3 and the OSF/Motif Window Manager 1.0. CMW+ is a general-purpose, multi-tasking operating system with a windowing environment. It adds the security and functional enhancements required by the Trusted Computer System Evaluation Criteria (TCSEC) to A/UX, the X Window System and the OSF/Motif Window Manager.

PRODUCT STATUS:

CMW+ was developed, and is marketed and supported by SecureWare. Version 1.0 for the Macintosh IIx and Macintosh IIcx workstations will be released in October 1990.

SECURITY EVALUATION STATUS:

A formal evaluation of CMW+ commenced in June 1990 and is scheduled for completion in the fourth quarter of 1990. CMW+ will be evaluated against the TCSEC as a B1 system (Labeled Security Protection). At the completion of the evaluation, a final evaluation report will be published by the National Computer Security Center, and CMW+ will be placed on the Evaluated Products List.

In conjunction with the TCSEC evaluation, CMW+ is also being evaluated against the Compartmented Mode Workstation (CMW) requirements of the Security Requirements for System High and Compartmented Mode Workstations (CMWREQs). At the completion of the CMW evaluation, CMW+ will also be placed on the TCB Extensions List as a CMW. The TCB Extensions List will be available in future publications of the Information Systems Security Products and Services Catalogue.

A Product Bulletin does not assign any rating to a product. It merely establishes the candidate class, which is the highest class the system could attain when the formal evaluation is complete. As with all evaluations, a system must complete the formal evaluation phase before being assigned any rating.

ENVIRONMENTAL STRENGTHS:

CMW+ is designed to provide security for environments requiring trusted desktop data processing. In addition to providing the traditional user specified access controls (i.e., discretionary access controls) through protection bits, CMW+ provides access control lists, which provide a more flexible user specified access mechanism, and mandatory access control, to control the distribution of information protected by the system to only those users who have been authorized for the information. The mandatory security policy is consistent with the Bell-La Padula model and conforms with Department of Defense policy. In addition, CMW+ provides an information labeling policy on the information contained in objects. A virtually unlimited number of classifications and compartments are supported.

CMW+ provides user identification and authentication through usernames and passwords, and individual accountability through its auditing mechanisms. The authentication features of CMW+ comply with the guidelines recommended in the DoD Password Management Guideline, CSC-STD-002-85. The auditing mechanism is controlled from a Motif-based interface and supports pre and post-selection by user, group, event and sensitivity level range. The trusted X server and trusted Motif window manager provide a trusted path mechanism for login and for performing all security-relevant functions. The security policies have been implemented using X protocol extensions in a binary backwards-compatible manner.

The system supports three separate privileged user roles as defined in the CMWREQs for maintaining the system: System Administrator, Information System Security Officer (ISSO) and Operator. Motif-based programs are provided for the System Administrator and ISSO to enable them to easily administer the audit subsystem, user accounts and the device subsystem.

CMW+ supplies a privilege mechanism and a number of discrete privileges that may be used to implement the principle of least privilege. CMW+ also supports configurable command authorizations on a per user basis to limit access to various commands.

CMW+ is delivered with a number of programs which may be used to reduce the likelihood of data compromise in the event of a system failure.

CMW+ can transfer data, including all security attribute information, to and from other SecureWare based systems via removable media.

SecureWare has designed CMW+ to be compatible with many other systems that are available in the marketplace.

* CMW+ is a trademark of SecureWare, Inc.

* Macintosh and A/UX are registered trademarks of Apple Computer, Inc.

* Motif is a trademark of Open Software Foundation, Inc.

* The X Window System is a trademark of the Massachusetts Institute of Technology
 