A Generic Proxying Facility for CMW Based on the SOCKS Protocol

Dalton, Chris I.


Keyword(s): SOCKS; multi-level security; CMW

Abstract: Our research into the application of Compartmented Mode Workstation (CMW) [1] technology has highlighted the need for a general method of allowing networked applications controlled but transparent access across CMW compartments. This report looks at using the SOCKS TCP relay protocol [2] to provide such a generic proxying facility. We consider the case where a CMW host is situated between an internal and an external network and has network interface connections to both. First, we show how SOCKS can be used to provide clients on the internal network with access to TCP application services residing on the external network. Second, we consider a more complex configuration where the CMW platform is used to run multiple independent applications that require access to an organization's internal legacy systems. Access by applications to systems on the internal network is controlled using SOCKS. We end with a discussion of the security implications of using SOCKS, and of SOCKS on CMW in particular.

10 Pages

