A Kernelized Architecture for Multilevel Secure Application
Author
Abstract
Mandatory label-based policies may be used to support a wide range of application security requirements. Labels encode the security state of system entities and the security policy specifies how these labels may change. Building on previous results, this paper develops a model for a kernelized framework for supporting these policies. The framework provides the basis for what is essentially an interpreter of multilevel programs: programs that manipulate multilevel label data structures. This enables application functionality and security concerns to be developed separately, bringing with it the advantages of a separation-of-concerns paradigm.
Similar resources
Kernelized Database Systems Security
There are two main types of security in database systems: discretionary security and mandatory security. Discretionary security restricts access to data items at the discretion of the owner. Most commercial database management systems (DBMS) employ some form of discretionary security by controlling access privileges and modes of data users (Griffiths & Wade, 1976). Discretionary security is not...
A Secure Kernelized Architecture for Multiple Object-Oriented Databases
We present a secure kernelized architecture for multilevel object-oriented database management systems. Our architecture is based on the notion of a message filter proposed by Jajodia and Kogan. It builds upon the typical architecture of current object-oriented database management systems. Since the operations mediated by the message filter are arbitrarily complex operations (as opposed to primitiv...
A Kernelized Architecture for Multilevel Secure Object-Oriented Databases Supporting Write-Up
This paper presents a kernelized architecture (i.e., an architecture in which no subject is exempted from the simple-security and *-properties) for multilevel secure (MLS) object-oriented database management systems (DBMS's) which support write-up. Relational MLS DBMS's typically do not allow write-up, due to integrity problems arising from the blind nature of write-up operations in these system...
Maintaining Multilevel Transaction Atomicity in MLS Database Systems with Kernelized Architecture
In most models of trusted database systems, transactions are considered to be single-level subjects. As a consequence, users are denied the ability to execute some transactions which can be run on conventional (untrusted) database systems, namely those that perform functions that become inherently multilevel in the MLS environment. This paper introduces a notion of multilevel transaction and pr...
A Kernelized Architecture for Multilevel Secure Object-Oriented Databases
This paper presents a kernelized architecture (i.e., an architecture in which no subject is exempted from the simple-security and *-properties) for multilevel secure (MLS) object-oriented database management systems (DBMS's) which support write-up. Relational MLS DBMS's typically do not allow write-up, due to integrity problems arising from the blind nature of write-up operations in these system...