Access and Integrity Control in a Public-Access, High-Assurance Configuration Management System

OpenCM is a new configuration management system created to support high-assurance develop-ment in open-source projects. Because OpenCM is designed as an open source tool, robust replica-tion support is essential, and security requirements are somewhat unusual Ð preservation of access is as important as prevention. Also, integrity preservation is a primary focus of the information architecture. Because some of our supported development activities target high-assurance systems, traceability and recovery from compromise are also vital concerns.

This paper describes the mechanisms used by OpenCM to meet these needs. While some of the techniques used are particular to archival stores, others have potentially broader applications in replication-based distributed systems.