Securing grid data using mandatory access controls

Authors:
Matt Henricksen;William Caelli;Peter Croll
Affiliations:
Queensland University of Technology, Brisbane, Queensland, Australia;Queensland University of Technology, Brisbane, Queensland, Australia;Queensland University of Technology, Brisbane, Queensland, Australia
Venue:
ACSW '07 Proceedings of the fifth Australasian symposium on ACSW frontiers - Volume 68
Year:
2007

Citing 2
Cited 4

Privacy, information technology, and health care

Communications of the ACM
A novel use of RBAC to protect privacy in distributed health care information systems

ACISP'03 Proceedings of the 8th Australasian conference on Information security and privacy

Security enhanced Linux to enforce mandatory access control in health information systems

HDKM '08 Proceedings of the second Australasian workshop on Health data and knowledge management - Volume 80
Open trusted health informatics structure (OTHIS)

HDKM '08 Proceedings of the second Australasian workshop on Health data and knowledge management - Volume 80
Open and trusted information systems/health informatics access control (OTHIS/HIAC)

AISC '09 Proceedings of the Seventh Australasian Conference on Information Security - Volume 98
Privacy and security in open and trusted health information systems

HIKM '09 Proceedings of the Third Australasian Workshop on Health Informatics and Knowledge Management - Volume 97

Quantified Score

Hi-index	0.00

Visualization

Abstract

The main contribution of this paper is to investigate issues in using Mandatory Access Controls (MACs), namely those provided by SELinux, to secure application-level data. Particular emphasis is placed on health-care records located on the grid. The paper disccuses the importance of a trusted computing base in providing application security. It describes a secure three-tiered architecture, incorporating trusted hardware, SELinux, and application security mechanisms that are appropriate for securing sensitive application data.