Trusted subjects configuration based on TE model in MLS systems

Authors:
Shangjie Li;Yeping He
Affiliations:
National Engineering Research Center for Fundamental Software, Institute of Software, The Chinese Academy of Sciences, Beijing, China;National Engineering Research Center for Fundamental Software, Institute of Software, The Chinese Academy of Sciences, Beijing, China
Venue:
INTRUST'10 Proceedings of the Second international conference on Trusted Systems
Year:
2010

Citing 5
Cited 0

Design and Implementation of Secure Xenix

IEEE Transactions on Software Engineering - Special issue on computer security and privacy
Secure Computer Systems: A Retrospective

SP '83 Proceedings of the 1983 IEEE Symposium on Security and Privacy
Security policies for downgrading

Proceedings of the 11th ACM conference on Computer and communications security
A logical specification and analysis for SELinux MLS policy

Proceedings of the 12th ACM symposium on Access control models and technologies
Security policy modeling for the next-generation packet switch

SP'88 Proceedings of the 1988 IEEE conference on Security and privacy

Quantified Score

Hi-index	0.00

Visualization

Abstract

Trusted subjects are inevitably parts of multi-level security systems or trusted networks. They can introduce security risk into system, as they don't comply with *-property in Bell LaPadula model. It's an important work to determine which subjects are trusted from hundreds and thousands of applications, and what their security requirements are during the developing and deploying secure operating systems. In this paper, an approach is proposed to address these issues based on information flow and risk analysis. Type enforcement specification is used as a base for information flow analysis and then finding out trusted subjects and their security requirements:security label range and security assurance level.