RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
An operating system approach to securing e-services
Communications of the ACM
Policy management using access control spaces
ACM Transactions on Information and System Security (TISSEC)
Towards a formal model for security policies specification and validation in the selinux system
Proceedings of the ninth ACM symposium on Access control models and technologies
Kernel korner: filesystem labeling in SELinux
Linux Journal
Flexible and secure enterprise rights management based on trusted virtual domains
Proceedings of the 3rd ACM workshop on Scalable trusted computing
Leveraging "choice" to automate authorization hook placement
Proceedings of the 2012 ACM conference on Computer and communications security
Hi-index | 0.00 |
Multilevel security is typically implemented by assigning fine-grained security contexts, such as sensitivity labels to all subjects and objects. These extended security contexts require modifications to standard filesystems, and interfaces that affect system throughput and application compatibility. This trade-off between policy enforcement and performance tends to marginalize these systems to special-purpose environments. This paper describes a light-weight approach which avoids the requirement for customized filesystems or modified applications. Instead, the system is partitioned into labeled zones. Subjects and objects are associated with these zones from which they inherit their sensitivity labels. This structured approach to data separation makes it possible to implement mandatory access control on a mainstream operating system.