A cryptographic solution to implement access control in a hierarchy and more
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Integrating Flexible Support for Security Policies into the Linux Operating System
Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference
Practical Domain and Type Enforcement for UNIX
SP '95 Proceedings of the 1995 IEEE Symposium on Security and Privacy
| Hi-index | 0.00 |
This paper proposes Architecture of Centralized Management and Three-layer Interconnection (CMTIA), which aims to enhance the interconnection security of a High Security Level Information System (HSLIS). Centralized management is the core of this architecture. In this architecture, all system entities must be controlled in a centralized manner. Before connecting to other entities in the system, each entity needs to map their identifier to a corresponding identifier that will be monitored during the interconnection period. This process is called identity mapping, and an interconnection policy is set up in this step. Three-layer interconnection is defined for the structure of the architecture. HSLIS is the first layer, Safe Interconnection Component is the second layer, which is used to protect data delivering, finally the third layer, called a Cross-level Security Management system, is used to complete the identity mapping process for the entities. The paper also provides a solution for analyzing the policy collision during the identity mapping, which includes a collision detection model in order to prevent the collision. This solution is based on the tree-structure theory.