Abstract
Mandatory label-based policies can support a wide range of application security requirements. Labels encode the security state of system entities, and the security policy specifies how those labels may change. Building on previous results, this paper develops a model of a kernelized framework for supporting such policies. The framework is, in essence, an interpreter for multilevel programs: programs that manipulate multilevel label data structures. This lets application functionality and security concerns be developed separately, with the advantages of the separation-of-concerns paradigm.
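The following is an added illustration of the idea in the abstract, not code from the paper: application logic is written as a list of operations on labeled entities, with no policy checks of its own, and a small kernel interprets that list, deciding every read, write and relabel against a label policy that is plugged in separately. The label structure (level plus compartments), the no-read-up/no-write-down rules and the `upgrade_only` relabel policy are assumptions chosen for the example; the paper's own label model and policy language are not reproduced.

```python
"""Toy label-based kernel: a reference monitor that interprets operations on
labeled entities.  The application lists operations; the kernel decides."""
from dataclasses import dataclass
from typing import Callable, Dict, FrozenSet, List, Optional, Tuple


@dataclass(frozen=True)
class Label:
    """Security label: a level plus a set of compartments (a product lattice).
    ASSUMPTION: this label structure is chosen for the example, not the paper's."""
    level: int
    compartments: FrozenSet[str] = frozenset()

    def dominates(self, other: "Label") -> bool:
        return self.level >= other.level and other.compartments <= self.compartments


class PolicyViolation(Exception):
    """Raised by the kernel when an operation would violate the label policy."""


# A relabel policy decides whether a subject at `subject` may change an entity's
# label from `old` to `new`.  It is the one thing the application developer does
# not write: it is plugged into the kernel separately (separation of concerns).
RelabelPolicy = Callable[[Label, Label, Label], bool]


def upgrade_only(subject: Label, old: Label, new: Label) -> bool:
    """Illustrative policy (assumption): labels may only move up the lattice, and
    only to a label the requesting subject is itself cleared for."""
    return new.dominates(old) and subject.dominates(new)


class Kernel:
    """Every access to labeled state is mediated here (the 'kernelized' part).
    Reads follow no-read-up, writes follow no-write-down, relabels follow the
    plugged-in policy.  Every decision, allowed or denied, is recorded."""

    def __init__(self, relabel_policy: RelabelPolicy) -> None:
        self._labels: Dict[str, Label] = {}
        self._values: Dict[str, object] = {}
        self._policy = relabel_policy
        self.audit: List[Tuple[str, str, bool]] = []

    def _decide(self, op: str, name: str, ok: bool) -> None:
        self.audit.append((op, name, ok))
        if not ok:
            raise PolicyViolation(f"{op} on {name!r} denied")

    def create(self, subject: Label, name: str, label: Label, value: object = None) -> None:
        # A subject may only create entities it could write to (no write down).
        self._decide("create", name, name not in self._labels and label.dominates(subject))
        self._labels[name] = label
        self._values[name] = value

    def read(self, subject: Label, name: str) -> object:
        self._decide("read", name, subject.dominates(self._labels[name]))
        return self._values[name]

    def write(self, subject: Label, name: str, value: object) -> None:
        self._decide("write", name, self._labels[name].dominates(subject))
        self._values[name] = value

    def relabel(self, subject: Label, name: str, new: Label) -> None:
        old = self._labels[name]
        self._decide("relabel", name, self._policy(subject, old, new))
        self._labels[name] = new

    def label_of(self, name: str) -> Label:
        return self._labels[name]


# The "multilevel program": a list of (operation, subject label, args...).
Op = Tuple[object, ...]


def run_program(kernel: Kernel, program: List[Op]) -> List[Tuple[Op, Optional[str]]]:
    """Interpret each op through the kernel; return (op, error-or-None) per op."""
    dispatch = {"create": kernel.create, "read": kernel.read,
                "write": kernel.write, "relabel": kernel.relabel}
    results: List[Tuple[Op, Optional[str]]] = []
    for op in program:
        kind, subject, *args = op
        try:
            dispatch[str(kind)](subject, *args)
            results.append((op, None))
        except PolicyViolation as e:
            results.append((op, str(e)))
    return results


def demo() -> Tuple[List[Tuple[Op, Optional[str]]], Kernel]:
    """Constructed sample program (not from the paper) run through the kernel."""
    UNCLASS = Label(0)
    SECRET = Label(1)
    SECRET_NUKE = Label(1, frozenset({"NUKE"}))
    k = Kernel(upgrade_only)
    program: List[Op] = [
        ("create", UNCLASS, "report", UNCLASS, "draft"),
        ("write", UNCLASS, "report", "draft v2"),
        ("relabel", SECRET, "report", SECRET),       # upgrade: allowed
        ("read", UNCLASS, "report"),                 # read up: denied
        ("write", UNCLASS, "report", "x"),           # write up: allowed
        ("relabel", SECRET, "report", UNCLASS),      # downgrade: denied
        ("relabel", SECRET, "report", SECRET_NUKE),  # subject not cleared: denied
    ]
    return run_program(k, program), k
```

The point of the shape is that the program in `demo` contains no security logic at all: swapping `upgrade_only` for a different `RelabelPolicy` changes what the same program is allowed to do, while the kernel's audit list gives the trace a reviewer would check.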
© 1998 Springer-Verlag Berlin Heidelberg
Cite this paper
Foley, S.N. (1998). A kernelized architecture for multilevel secure application policies. In: Quisquater, JJ., Deswarte, Y., Meadows, C., Gollmann, D. (eds) Computer Security — ESORICS 98. ESORICS 1998. Lecture Notes in Computer Science, vol 1485. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0055854
DOI: https://doi.org/10.1007/BFb0055854
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-65004-1
Online ISBN: 978-3-540-49784-4