Abstract

Bob Blakley: Welcome, everybody, to episode three of the IEEE Over the Rainbow podcast. I am your host Bob Blakley, and we’re here today with one of the founders of the field of information security, Roger Schell. Roger, back in the early 1980s, was one of the leaders of the production of a U.S. government standard called the Orange Book [formally titled the Trusted Computer System Evaluation Criteria, (TCSEC)], which essentially defined the model for a secure computer system. I have a copy of it here. Roger, you’ll be happy to see that I used it heavily enough that I had to take the staples out. I think it’s probably a good time to be having this conversation because this year is the 50th anniversary of the reference monitor model. Nineteen seventy-two saw the publication of the Anderson report, which introduced the concept, as far as I’m aware, in the public literature—and that’ll be 50 years ago this year. And—as I think you’re aware, Roger—the title of our podcast is a sort of multilayered pun, and one of the aspects of the pun is a reference to the Rainbow Series, which the Orange Book was the inaugural volume of. One of the sly suggestions we were hinting at in the title was that, in some sense, the computer security industry is over the Rainbow Series—over in the sense of sort of wanting to leave it in the past. But I think one of the things that we’re going to talk about today is that it’s not easy to leave the Orange Book in the past and also possibly not wise. So, with that introduction, Lorrie, I’ll hand it to you to start our questions.
