A practical approach to high assurance multilevel secure computing service
نویسندگان
چکیده
Current projects aimed at providing MLS computing services rarely seem to exploit advances in related fields. Specifically, the concepts of data distribution, replication, and interoperation are currently receiving much attention in the commercial database system sector but have yet to be applied to the delivery of MLS computing services. This paper explains how these concepts might help deliver MLS computing services relatively quickly and cheaply, and how they can ease integration of legacy systems and new technology into future MLS cooperative, distributed computing
منابع مشابه
Performance analysis of a method for high level prevention of traffic analysis using measurements from a campus network
Role-Based Access Control: A Multi-Dimensional View p. 54 Panel: Reexamining Assurance p. 64 Plenary Panel: Secure System Composition p. 66 Secure System Composition: Five Practical Initiatives p. 67 Architectural Impact on Performance of a Multilevel Database System p. 76 Benchmarking Multilevel Secure Database Systems Using the MITRE Benchmark p. 86 Organizing MLS Databases from a Data Modeli...
متن کاملTowards Formal Evaluation of a High-Assurance Guard
A transfer guard built on a high-assurance multilevel secure (MLS) trusted computing base (TCB) must be a trusted subject with the capability to perform downgrades not otherwise permitted by the MLS security policy. Formal evaluations of MLS systems containing trusted subjects are complicated when the trusted subjects are evaluated as part of a monolithic TCB. While welldeveloped techniques of ...
متن کاملSESOS: A Verifiable Searchable Outsourcing Scheme for Ordered Structured Data in Cloud Computing
While cloud computing is growing at a remarkable speed, privacy issues are far from being solved. One way to diminish privacy concerns is to store data on the cloud in encrypted form. However, encryption often hinders useful computation cloud services. A theoretical approach is to employ the so-called fully homomorphic encryption, yet the overhead is so high that it is not considered a viable s...
متن کاملThe flood-gate principle - a hybrid approach to a high security solution
The classical role of a firewall consists in protecting a computer network against attacks from the outside world, especially the Internet. Firewalls are often expensive, hard to configure and they are comprehended only by experts. Sometimes the level of security is too high to use a firewall, and information flow has not to be “online”. Here we propose to use “floodgates” as described in the f...
متن کاملAn Approach for Cross-Domain Intrusion Detection
Network-based monitoring and intrusion detection has grown into an essential component of enterprise security management. Monitoring potentially malicious activities across a set of networks classified at different security levels, however, presents subtle and complicated challenges. Analysis of intrusion alerts collected on an individual network only reveals malicious attempts to compromise th...
متن کامل