Publications Details
Software security for a network storage service
In 1991, Sandia National Laboratories acquired a Network Storage Service (NSS) as a result of a fully competitive procurement. The Network Storage Service, which provides access to over a terabyte of data storage in a two-tiered hierarchy, had minimal software security features. Before the NSS could be placed into production, it had to be accredited by the Department of Energy, Sandia's accrediting authority. Sandia was faced with implementing security features to allow the NSS to be operated in its secure computing network, which is a single security clearance, multiple data security level environment. This paper describes the software security design alternatives that were considered and what was ultimately implemented.