A security model for military message systems
ACM Transactions on Computer Systems (TOCS)
A comment on the `basic security theorem' of Bell and LaPadula
Information Processing Letters
The multilevel relational (MLR) data model
ACM Transactions on Information and System Security (TISSEC)
IEEE Software
Advanced Transaction Processing in Multilevel Secure File Stores
IEEE Transactions on Knowledge and Data Engineering
A Framework for Evaluating Storage System Security
FAST '02 Proceedings of the Conference on File and Storage Technologies
Design and verification of secure systems
SOSP '81 Proceedings of the eighth ACM symposium on Operating systems principles
A multilevel file system for high assurance
SP '95 Proceedings of the 1995 IEEE Symposium on Security and Privacy
Plutus: Scalable Secure File Sharing on Untrusted Storage
FAST '03 Proceedings of the 2nd USENIX Conference on File and Storage Technologies
Secure untrusted data repository (SUNDR)
OSDI'04 Proceedings of the 6th conference on Symposium on Opearting Systems Design & Implementation - Volume 6
Implementing middleware for content filtering and information flow control
Proceedings of the 2007 ACM workshop on Computer security architecture
Hi-index | 0.00 |
In this paper, we present the design of a high assurance file server model developed to operate within the Multiple Independent Levels of Security framework. The file server model is a multilevel application that utilizes separation to mediate information flow by adhering to a security policy formulated from a modified version of the Bell and LaPadula Model and the GWVr2 policy, which is a separation kernel based policy developed for high assurance architectures. This paper focuses on the design aspects of the file server model and the underlying architecture. The purpose of this file server design is to develop a formal model to meet the formal methods requirement of Common Criteria, which is a system design and specification guideline for high assurance systems. The model is also an example application for the Multiple Independent Levels of Security architecture.