Access your Pro+ Content below.
Building a secure operating system with Roger R. Schell
This article is part of the Information Security issue of October 2017, Vol. 19, No. 8
Roger R. Schell is an authority on high-assurance computing and spent more than 20 years in the U.S. Air Force before working in private industry. As one of the lead authors of the U.S. Department of Defense Trusted Computer System Evaluation Criteria (TCSEC), known as the Orange Book, Schell has first-hand knowledge of the standards required for classified computer systems. Published in 1983 by the National Computer Security Center, where he served as deputy director, the TCSEC was replaced in 2005 by an international standard, the Common Criteria for Information Technology Security Evaluation. The co-founder and vice president of Gemini Computers Inc., Schell led the development of the Gemini Multiprocessing Secure Operating System, known as GEMSOS. In 2001, he founded Aesec Corp., which acquired Gemini Computers and its security kernel in 2003. He also served as the corporate security architect at Novell. Marcus Ranum spoke with Schell, now a professor of engineering at the University of Southern California Viterbi School of ...
Access this PRO+ Content for Free!
Features in this issue
Data breaches and incoming regulations are heightening the need for a data-centric security model, say security leaders. Here’s how to gain control and stop unauthorized use of your data.
A state CISO champions innovation for Washington, from early development of a single sign-on system to leadership of the new Office of Cyber Security.
Until WannaCry and NotPetya, estimates of ransomware cost and damages were likely overblown. But indications are that companies lost hundreds of millions from these malicious attacks alone.
Columns in this issue
When Yahoo finally disclosed a massive 2014 data breach to up to five hundred million affected account holders in September 2016, some already had legal representation.
The 'father' of the Orange Book has first-hand knowledge of the standards required for classified computer systems and the issues with subversion.