From the thesis abstract: "The Department of Defense needs to process data at various levels of security in Local Area Networks (LAN) of computer systems. A formal computer network security model is a necessary first step in certifying a computer system to process classified data. Several computer security models have been developed to identify what is required to enable multilevel certification of a computer system, and a similar model is needed for LANs. The primary objective of this research project is to analyze the requirements of a LAN security model. Conceptual design issues of LAN security modeling are presented in this thesis to identify what must be achieved to ensure security is not violated when data of various levels of security are processed in a local area network. Due to their distributed nature, LANs involve several security issues not addressed in security models (such as the Bell-LaPadula security model) developed for single computer systems. Therefore, modeling of security in LANs and computer networks must be complemented with LAN application and implementation considerations, primarily associated with secure communications channels between LAN subscribers. This thesis analyzes the security requirements of a local area computer network, highlighting the need for a security architecture approach to modeling security in LANs. A textural definition of a prototype LAN security model is presented, and the model's application to hypothetical LAN configurations is discussed."
AFIT/GE/EE/83D-10; Air Force Institute of Technology/GE/EE/83D-10
Defense Technical Information Center (DTIC): http://www.dtic.mil/dtic/