NEW THINKING ABOUT INFORMATION TECHNOLOGY SECURITY

This is the last of three related papers exploring how contemporary co mputer architecture affects security. It brings together the concepts introduced in the earlier papers and presents a generalized approach t o protection, isolation, and access control. We call this approach the Generalized Trusted Computing Base. Based upon the 'divide and conque r' approach to achieving protection, understandability, and flexibilit y, the result is a more flexible solution than the rigid hierarchical organization identified in the Trusted Database Interpretation or the partitioning introduced in the Trusted Network Interpretation.