The SLam calculus: programming with secrecy and integrity
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
ASN.1: communication between heterogeneous systems
ASN.1: communication between heterogeneous systems
Protecting privacy using the decentralized label model
ACM Transactions on Software Engineering and Methodology (TOSEM)
Untrusted hosts and confidentiality: secure program partitioning
SOSP '01 Proceedings of the eighteenth ACM symposium on Operating systems principles
Lattice-Based Access Control Models
Computer
Protecting Confidentiality against Trojan Horse Programs in Discretionary Access Control System
ACISP '00 Proceedings of the 5th Australasian Conference on Information Security and Privacy
Dealing with Multi-policy Security in Large Open Distributed Systems
ESORICS '98 Proceedings of the 5th European Symposium on Research in Computer Security
Role-Based Access Control
A Security Model of Dynamic Labeling Providing a Tiered Approach to Verification
SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
ACSC '06 Proceedings of the 29th Australasian Computer Science Conference - Volume 48
Hi-index | 0.00 |
Security labels convey information that is utilised to perform access control decisions, specify protective measures, and aid in the determination of additional handling restrictions required by security policies. In discussing security labelling, one of the most important aspects is to investigate access control models and obtain an appropriate technique for specifying the kind of security policies that are required. One problem with previous approaches to the specification of access control policies is that they are based on an idealisation of the real problem and give a first approximation: may or may not a subject access a given object? The binary, logical function is the essential starting point, but is generally insufficient to guide the hard decisions that are required by a variety of applications in the real world. Focusing on the issues regarding security labelling, this paper first proposes a technique for expressing need-to-know policies that are regarded as the basis for security labelling and should be followed in the labelling process. Then, based on the proposed lattice access control model dealing with both security levels and categories of objects, several security labelling principles are given. Finally, we propose a dynamic model for security labelling that not only provides support for dynamic labelling within a system but also a functional base for the design and implementation of a security labelling system.