Heinrich, F.
(1978),
The Network Security Center: a System Level Approach to Computer Network Security, Special Publication (NIST SP), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/NBS.SP.500-21v2
(Accessed April 23, 2024)
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
The Network Security Center: a System Level Approach to Computer Network Security
Published
Author(s)
Abstract
This report describes a unique approach to the solution of computer network security problems, and provides guidance in the areas of network security architectural issues and implementation options. The approach is based on a network resource, called a Network Security Center (NSC), which performs the functions of user identification/authentication and access request authorization. The NSC works in concert with Network Cryptographic Devices (NCDs) to enforce access control policy through the creation or denial of logically separate cryptographic connections between subjects (users) and objects (resources). The use of a NSC in a network permits effective control over network access, provides for audit data collection, and provides protection against tampering or modification of the access control data base. The architecture presented permits multiple NSCs to operate together, thus addressing issues such as modular expandability, regional subnets, and local control over resources. Network Cryptographic Devices that use the NBS Data Encryption Standard algorithm and are capable of being remotely keyed are a vital part of the NSC security approach. NCDs provide end-to-end cryptographic message protection, source-destination authentication of identity and, through the remote keying capability, the enforcement mechanism for NSC access control decisions. Implementation options for an NSC are presented, covering the areas of data structures, I/O structure, control structure, and size and performance limitations.Citation
Special Publication (NIST SP) - 500-21 Volume 2
Report Number
500-21 Volume 2
NIST Pub Series
Pub Type
NIST Pubs
Download Paper
Keywords
access authorization, access control, authentication, computer network security, cryptography, end-to-end encryption, inter-computer network, internetting, NBS Data Encryption Standard, Network Cryptographic Devices, Network Security Center
Citation
Created January 1, 1978, Updated November 10, 2018