NCJ Number
57594
Date Published
1976
Length
148 pages
Annotation
A formal top-level interface specification of a kernel for a secure communications processor (SCOMP) is presented, based on a Honeywell Level 6/40 minicomputer enhanced with a security protection module.
Abstract
The kernel discussed provides access controls to support the security and integrity access policies as defined in the Bell and LaPadula model. The specification is written in the formal specification and assertion language (SPECIAL) developed by Stanford Research Institute and presented in the appendix. Implementation of this specification is intended to support both a secure front-end processor application and general-purpose, stand-alone communications applications. Following an overview of some of the basic features of SPECIAL and of the security kernel specification, each module in the kernel specification is described.

The SCOMP kernel specification is divided into the following modules: clock, access levels, processes, volumes, quota cells, segments, devices, address spaces, and host interfaces. The clock module is used as a source of unique identifiers by the various kernel modules, and the access-levels module defines the internal structure of an access level. The processes module is concerned with the creation and deletion of processes, interprocess communication, process scheduling priority, process virtual clocks, and process real timers. The volumes module deals with the creation and deletion of volumes and the mounting and demounting of volumes, and the quota-cells module manages volume quota, providing the mechanism to build a hierarchical file system outside the kernel. The management of segments, the logical unit of storage for SCOMP, is the concern of the segments module. As the name implies, the devices module is responsible for the management of devices, while the address-spaces module supports the binding of segment numbers to segments and of device numbers to devices within a process, as well as the granting and revoking of current access to segments and devices. The host-interfaces module provides the functions necessary to support secure communication between a host and a front-end processor.
The appendixes include the SCOMP kernel specification, a SPECIAL reference manual, and comments on the security kernel specification for the secure communications processor. (RCB)
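The access-level lattice and the grant/revoke-current-access decision that the abstract attributes to the access-levels and address-spaces modules, as an added Python illustration of the Bell-LaPadula rules the kernel enforces. This is not the report's SPECIAL specification and not the SCOMP kernel's code. Everything beyond the abstract is assumed: the encoding of an access level as an integer classification plus a category set, the Biba-style dual rule used for the integrity policy, the names Mode, AccessLevel, Labels, Segment and Process, the itertools counter standing in for the clock module's unique identifiers, and the sample labels in demo(), which are constructed for this example.

```python
"""Bell-LaPadula access checks when granting a process current access to a segment.

Added illustration; not the report's SPECIAL specification. Assumptions: an
access level is an integer classification plus a category set, the integrity
policy is the dual (Biba-style) of the secrecy policy, and all type and
function names here are invented for the example.
"""
from dataclasses import dataclass, field
from enum import Enum
from itertools import count
from typing import Optional


class Mode(Enum):
    READ = "read"
    WRITE = "write"
    READ_WRITE = "read_write"


@dataclass(frozen=True)
class AccessLevel:
    """Hierarchical classification plus non-hierarchical categories (compartments)."""
    classification: int
    categories: frozenset = frozenset()

    def dominates(self, other: "AccessLevel") -> bool:
        # Lattice partial order: classification >= AND categories are a superset.
        return (self.classification >= other.classification
                and self.categories >= other.categories)


@dataclass(frozen=True)
class Labels:
    """Secrecy and integrity levels carried by every process and every segment."""
    secrecy: AccessLevel
    integrity: AccessLevel


def _permits(can_read: bool, can_write: bool, mode: Mode) -> bool:
    if mode is Mode.READ:
        return can_read
    if mode is Mode.WRITE:
        return can_write
    return can_read and can_write          # READ_WRITE needs both directions


def secrecy_permits(subj: Labels, obj: Labels, mode: Mode) -> bool:
    """Simple security property (read down) and *-property (write up)."""
    return _permits(subj.secrecy.dominates(obj.secrecy),
                    obj.secrecy.dominates(subj.secrecy), mode)


def integrity_permits(subj: Labels, obj: Labels, mode: Mode) -> bool:
    """Assumed dual rule: read only from at-least-as-trusted, write only to at-most-as-trusted."""
    return _permits(obj.integrity.dominates(subj.integrity),
                    subj.integrity.dominates(obj.integrity), mode)


_clock = count(1)   # stand-in for the clock module as the source of unique identifiers


@dataclass
class Segment:
    name: str
    labels: Labels
    uid: int = field(default_factory=lambda: next(_clock))


@dataclass
class Process:
    name: str
    labels: Labels
    uid: int = field(default_factory=lambda: next(_clock))
    # segment number -> [bound segment, currently granted mode or None]
    address_space: dict = field(default_factory=dict)

    def bind(self, segno: int, segment: Segment) -> None:
        self.address_space[segno] = [segment, None]

    def grant_access(self, segno: int, mode: Mode) -> bool:
        """Grant current access only if both the secrecy and integrity policies allow it."""
        segment, _ = self.address_space[segno]
        allowed = (secrecy_permits(self.labels, segment.labels, mode)
                   and integrity_permits(self.labels, segment.labels, mode))
        if allowed:
            self.address_space[segno][1] = mode
        return allowed

    def current_access(self, segno: int) -> Optional[Mode]:
        return self.address_space[segno][1]

    def revoke_access(self, segno: int) -> None:
        self.address_space[segno][1] = None


def demo() -> dict:
    """Constructed sample: one SECRET/CRYPTO process tried against five segments."""
    UNCLASS, SECRET, TOP_SECRET = 0, 2, 3
    crypto, nuclear = frozenset({"CRYPTO"}), frozenset({"NUCLEAR"})
    proc = Process("fep_handler", Labels(AccessLevel(SECRET, crypto), AccessLevel(1)))
    segments = {
        1: Segment("unclass_doc", Labels(AccessLevel(UNCLASS), AccessLevel(1))),
        2: Segment("secret_crypto", Labels(AccessLevel(SECRET, crypto), AccessLevel(1))),
        3: Segment("ts_audit_log", Labels(AccessLevel(TOP_SECRET, crypto), AccessLevel(1))),
        4: Segment("secret_nuclear", Labels(AccessLevel(SECRET, nuclear), AccessLevel(1))),
        5: Segment("untrusted_input", Labels(AccessLevel(SECRET, crypto), AccessLevel(0))),
    }
    results = {}
    for segno, seg in segments.items():
        proc.bind(segno, seg)
        for mode in Mode:
            results[(seg.name, mode.value)] = proc.grant_access(segno, mode)
            proc.revoke_access(segno)
    return results
```

The point the sample makes is that each direction of access is decided by a separate dominance comparison: the process can read the unclassified segment but not write to it, can write to the top-secret audit log but not read it, gets nothing on the NUCLEAR compartment it does not hold, and, under the assumed integrity dual, may write to but not read from the low-integrity input segment even though its secrecy label matches exactly.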