A case for redundant arrays of inexpensive disks (RAID)
SIGMOD '88 Proceedings of the 1988 ACM SIGMOD international conference on Management of data
Proceedings of the 4th ACM conference on Computer and communications security
The OPL optimization programming language
The OPL optimization programming language
Conduit cascades and secure synchronization
Proceedings of the 2000 workshop on New security paradigms
Lattice-Based Access Control Models
Computer
Secure Group Services for Storage Area Networks
SISW '02 Proceedings of the First International IEEE Security in Storage Workshop
The UCONABC usage control model
ACM Transactions on Information and System Security (TISSEC)
| Hi-index | 0.00 |
Storage-area networks are a popular and efficient way of building large storage systems both in an enterprise environment and for multi-domain storage service providers. In both environments the network and the storage has to be configured to ensure that the data is maintained securely and can be delivered efficiently. In this paper, we describe a model of mandatory security for SAN services that incorporates the notion of risk as a measure of the robustness of the SAN's configuration and that formally defines a vulnerability common in systems with mandatory security, i.e. cascaded threats. Our abstract SAN model is flexible enough to reflect the data requirements, tractable for the administrator, and can be implemented as part of an automatic configuration system. The implementation is given as part of a prototype written in OPL.