Multilevel secure workstation

US 5,075,884 A
Filed: 12/23/1987
Issued: 12/24/1991
Est. Priority Date: 12/23/1987
Status: Expired due to Term

First Claim

Patent Images

1. A secure computer workstation apparatus for processing classes of information, each class of information corresponding to a defined security level, and for presenting a display of said information on a screen of a video display device, said apparatus comprising:

a plurality of computer processors, each one of said computer processors constrained to operate in a single defined security level providing security control independent of any other of said computer processors;

a plurality of output interfaces, each one of said output interfaces coupled to and restricted to receive output data and control information from a single one of said computer processors; and

a display generator coupled to said output interfaces, said display generator comprising;

a plurality of input interfaces restricted to providing digital data from secure sources, including from said computer processors, a single one of said output interfaces being coupled only to a single one of said input interfaces,a plurality of update memories, each one of said update memories being coupled to only one of said input interfaces for receiving data through said input interface from only a single one of said secure sources,a display memory coupled to receive data from all of said update memories for assembling said data into display information for display on said screen of said video display device,a display memory controller coupled to said display memory to control display of contents of the display memory, said display memory having memory locations restricted to a one-to-one correspondence with display locations on said screen of said video display device,a screen division controller means coupled to said update memories for limiting access of said update memories to selected address locations of the display memory, said screen division controller means comprising a first comparator and a second comparator, for comparing current memory locations with predefined memory locations and to issue update memory read enable signals to write to predefined locations of said display memory, said screen division controller means defining individual and independent screen divisions through selection of blocks of address locations, andan output means coupled to said display memory for directing output from said selected address locations defined by the display generator of the display memory and generating signals for said video display device to direct data to only one of said screen divisions having a defined security level, each said screen division comprising a portion of said screen of said video output display.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computer workstation having a window output display for potential use in security-sensitive environments provides multilevel security by physical isolation of processes in predefined security levels, each process or like-classified group of processes is displayed only through a suitably labeled window, access to the window requiring access through a previously security qualified physical signal path. The invention does not compromise security by mixing a software-based security environment with other untested software. All security is hardware-based.

80 Citations

View as Search Results

9 Claims

1. A secure computer workstation apparatus for processing classes of information, each class of information corresponding to a defined security level, and for presenting a display of said information on a screen of a video display device, said apparatus comprising:
- a plurality of computer processors, each one of said computer processors constrained to operate in a single defined security level providing security control independent of any other of said computer processors;
  
  a plurality of output interfaces, each one of said output interfaces coupled to and restricted to receive output data and control information from a single one of said computer processors; and
  
  a display generator coupled to said output interfaces, said display generator comprising;
  
  a plurality of input interfaces restricted to providing digital data from secure sources, including from said computer processors, a single one of said output interfaces being coupled only to a single one of said input interfaces,a plurality of update memories, each one of said update memories being coupled to only one of said input interfaces for receiving data through said input interface from only a single one of said secure sources,a display memory coupled to receive data from all of said update memories for assembling said data into display information for display on said screen of said video display device,a display memory controller coupled to said display memory to control display of contents of the display memory, said display memory having memory locations restricted to a one-to-one correspondence with display locations on said screen of said video display device,a screen division controller means coupled to said update memories for limiting access of said update memories to selected address locations of the display memory, said screen division controller means comprising a first comparator and a second comparator, for comparing current memory locations with predefined memory locations and to issue update memory read enable signals to write to predefined locations of said display memory, said screen division controller means defining individual and independent screen divisions through selection of blocks of address locations, andan output means coupled to said display memory for directing output from said selected address locations defined by the display generator of the display memory and generating signals for said video display device to direct data to only one of said screen divisions having a defined security level, each said screen division comprising a portion of said screen of said video output display.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The apparatus according to claim 1 wherein said display generator further includes:
    - security level labeling means for labeling each said screen division; and
      
      whereinsaid update memory is also coupled to said security level labeling means for combining output of said security level labeling means and output from said computer processors, such that all information within a screen division is displayed as a whole with a security label.
  - 3. The apparatus according to claim 2 wherein said security level labeling means comprises means for directing a security level label to predefined locations within at least one of said update memories, such that a read of the update memory includes a read of a security level.
  - 4. The apparatus according to claim 3 wherein said display generator further includes a display address generator coupled to said display memory and to said screen division controller means for providing an incrementing address signal for each read and write of the display memory.
  - 5. The apparatus according to claim 4 wherein said display address generator comprises a counter, said counter being initialized at zero at the commencement of each read and write cycle and incrementing sequentially through all addresses of said display memory.
  - 6. The apparatus according to claim 1 wherein said display generator further includes means for erasing each update memory under predetermined conditions, including a change in security level and upon transfer of information to the display memory, said erasing means being operably coupled to said update memories and to said input interfaces.
  - 7. The apparatus according to claim 5 wherein input to any single update memory is coupled to be received only from a single one of said computer processors such that information displayed on any single screen division is limited to information which has been processed by a secure processor limited to manipulation of only one security level of data.
  - 8. The apparatus according to claim 1 wherein at least one said input interface is an imagery input interface for transferring to said display generator imagery data directed from a security classifiable source.
  - 9. The apparatus according to claim 1 wherein access between a user and the video display device is restricted by limiting user input to direction through means for interfacing between the user and a machine coupled only directly to at most one of said computer processors at any one time.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Lockheed Martin Corporation (Martin Marietta Corporation)
Original Assignee
Loral Aerospace Corp. (MHR Holdings LLC (New York))
Inventors
Hubbard, Frank, Dinolt, George W., Sherman, Richard H.
Primary Examiner(s)
Shaw, Gareth D.
Assistant Examiner(s)
Chavis, John Q.

Application Number

US07/137,549
Time in Patent Office

1,462 Days
Field of Search

364/200 MS File, 364/900 MS File, 380/24
US Class Current

726/4
CPC Class Codes

G06F 21/52   during program execution, e...

G06F 21/84   output devices, e.g. displa...

G06F 2211/009   Trust

Multilevel secure workstation

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

80 Citations

9 Claims

Specification

Use Cases

Quick Links

Others

Multilevel secure workstation

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

80 Citations

9 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others