| 摘要 |
A multi-level secure multi-processor computer architecture. The inventive architecture provides an inexpensive security solution for integrated avionics and includes a plurality of nodes. The nodes are connected via a switch in a network configuration over which data is routed using labels. The switch is controlled to facilitate secure communication of data between the nodes. In the illustrative embodiment, the network is a Fibre Channel network including plural switches in which a system manager node serves to control routing between nodes based on a security policy. Each node has a central processing unit. The system manager is implemented as a node and sets up routing tables for selective connection of the nodes via the switch. The label assignments are stored in Fibre Channel network interface cards disposed on each node. The system manager also sets up label routing tables that authorize the interconnection of selective nodes. The label routing tables are stored in the switch, which in the illustrative implementation is a crossbar switch having a plurality of switch protocol controllers and switch control units. The label assignments and label routing tables are stored in a label authorization table stored in the system manager. After a secure startup, the system allows for communication in accordance with a security policy between nodes to which trusted and/or untrusted hardware is connected and running under trusted and/or untrusted software applications. The software applications may run on commercial off-the-shelf (COTS) operating systems.
|
