A full formalisation of the Bell and La Padula security model
Abstract
Information access control programs are based on a security policy model. Flaws in them may come from a lack of precision or some incoherences in the policy model or from inconsistencies between the model and the code. In this paper, we build a full mechanized formalization of the well-known Bell and LaPadula policy model, checking all the steps of the proofs. Then, we derive automatically a program for the access controls considered in this model. Such a program implements a transition function which has been formally proved sound according to the three security properties involved in the Bell and La Padula model. All the work is done within Coq, a theorem prover based on a very strong type theory.
Similar resources
The Bell and La Padula Security Model
A precise description is given of the Bell and La Padula security model using modern notation. The development faithfully follows that of the original presentation [1, 2]. The paper is intended to provide a basis for more exact, formal, and scientific discussion of the model than has been the case heretofore.
Information Security – Bell-La Padula Model
Before the Bell-La Padula model in the late 1960’s, developments in commercial operating systems suggested the possibility of tremendous cost savings. Timesharing was starting to provide commercial customers the ability to share the leasing costs of IBM and other big-iron computers through simultaneous or sequential use of the expensive mainframe computers. For those in classified government ci...
An Access Control Model for Preventing Virtual Machine Escape Attack
With the rapid development of Internet, the traditional computing environment is making a big migration to the cloud-computing environment. However, cloud computing introduces a set of new security problems. Aiming at the virtual machine (VM) escape attack, we study the traditional attack model and attack scenarios in the cloud-computing environment. In addition, we propose an access control mo...
736 Differentially secure multicasting and its implementation methods
Though the areas of secure multicast group architecture, key distribution and sender authentication are under scrutiny, one topic that has not been explored is how to integrate these with multi-level security. Multi-level security is the ability to distinguish subjects according to classification levels, which determines to what degree they can access confidential objects. In the case of groups...
On Information Security Guidelines for Small/Medium Enterprises
The adoption rate of Internet-based technologies by United Kingdom (UK) Small and Medium Enterprises (SMEs) is regularly surveyed by the Department of Trade and Industry (DTI). Over several decades information security has evolved from early work such as the Bell La Padula (BLP) model toward widely disseminated Information Security Guidelines containing comprehensive and detailed advice. The ov...
Publication date: 2003