代写DSCI 525、Python/c++程序设计代做

日期：2024-03-22 08:14

DSCI 525 Semester Project

Spring 2024

Completion of the semester project is to be an independent, individual effort for each student.

Communication with fellow students for this assignment, attempting to benefit from work of another

student, past or present and similar behavior that defeats the intent of an assignment is unacceptable to the

University. Such behavior will be treated as a violation of USC academic integrity standards, which are

summarized in the on-line tutorial available at

http://www.usc.edu/libraries/about/reference/tutorials/academic_integrity/index.php

Nature of the assignment

The purpose of this project is to compare and contrast two trusted system requirement models and two

implementations.

The first requirement model is the Trusted Network Interpretation (TNI). The implementation case study

of TNI is the Gemini Trusted Network Processor (GTNP). The TNI requirements and GTNP

implementation represent a reference monitor concept-based approach that is referred to as a traditional

security kernel (SK). The second requirement model is the Separation Kernel Protection Profile. The

implementation case study of SKPP is the Green Hills Software (GHS) INTEGRITY-178B (I-178B). The

SKPP requirements and I-178B implementation represent a variation of the reference monitor concept

instituted in a separation kernel.

In not less than 10 and no more than 20 pages prepare a report in PDF format with a font size 12, single

column, single spaced. There are no other specific requirements related to the formatting of your report.

Figures, tables, and the like are not included in the 20-page maximum page count. There is no penalty for

exceeding the limit, however text beyond the 20-page limit will not be considered in grading. Submit the

report in electronic form on USC D2L.

Description of the semester project

Based on information you gather and review, you are to report your research and analysis on the following

topics:

1. How SKPP evaluation requirements [4] line up against the TCSEC/TNI security kernel evaluation

requirements. This project should focus on the requirements for TNI Mandatory Only

Components (M-Components), as codified in TNI Sections 4.1.1 (Policy) and A.3.1 (M-Comp).

The associated 25 RVM evaluation factors are detailed in extracts from the TNI (which includes

TCSEC requirements outlined in [1]). Given the constrained length of the project report, this

analysis should be brief and concise conclusions for each of the 25 RVM evaluation factors,

referring to the factors by name without wasting space repeating the text of the requirements.

Be specific, include concrete references to the parts of the reviewed documents to support your

arguments.

2. Relative strengths and weaknesses of design and development techniques in separation kernel and

specifically INTEGRITY-178B product as compared and contrasted to those in the GEMSOS

security kernel, including a comparison of the respective kernel APIs and hardware requirements.

Note that you should be informed by the GEMSOS Final Evaluation Report (FER) [2], Green Hills

Software INTEGRITY-178B Separation Kernel Security Target document [5], and Common

Criteria Evaluation and Validation Scheme Validation Report [3].

3. Finally, based on all the above you are to provide final conclusions on the suitability of these two

products for deployment in the face of a witted adversary intent to violate the allocated policies.

In your report you should particularly concentrate on the problem of subversion and how it is addressed

in both cases.

References (available on Piazza in Resources)

Your analysis is to be based on a thorough review and understanding of reference material from the

published literature that includes, but is not limited to the following:

[1] An extract from the Trusted Network Interpretation (TNI) of the “Security Requirements for a Class

A1 M-Component”. (A1M)

[2] Final Evaluation Report, Gemini Computers, Incorporated, Gemini Trusted Network Processor,

National Computer Security Center, 28 June 1995. (FER)

[3] Common Criteria Evaluation and Validation Scheme Validation Report “Green Hills Software INICR750-0402-GH01_Rel INTEGRITY-178B Separation Kernel”, version 0.5, 31 January 2011.

(Integrity-178B-VR)

[4] U.S. Government Protection Profile for Separation Kernels in Environments Requiring High

Robustness (SKPP), Version 1.03, 29 June 2007. (SKPP)

[5] Green Hills Software INTEGRITY-178B Separation Kernel Security Target, Version 4.2, May 31,

2010. (Integrity-178B-ST)

Grading

The total of 100 points for the project will be allocated as follows:

1. [50 points] Systematic comparison between these security requirements models and

implementations, using the TNI evaluation factors as the vehicle for comparison.

2. [20 points] Discussion of how subversion is addressed in both cases.

3. [20 points] Discussion of the relative strengths and weaknesses of these two design and

implementation techniques.

4. [10 points] Conclusions - a per-factor consensus on the compatibility between the requirement

models and their respective implementations.