Multilevel Security Policies
نویسندگان
چکیده
So to define MLS policy, it is necessary to first specify a set of security levels. This set of security levels is associated with a partial order relation denoted <. If l1 and l2 are two security levels then l1 < l2 is read l1 is lower than l2. When < is a partial order relation, it may happen that both l1 < l2 and l2 < l1 and l1 = l2 are false. In this case, we say that l1 and l2 are incomparable which is denoted l1 <> l2.
منابع مشابه
Reasoning about Conndentiality Requirements
Reeexive ow policies provide abstract characterizations of certain multilevel conndentiality requirements. This paper describes how reeexive ow policies can be used to construct and reason about large/complex multilevel policies. In particular, we describe how reeexive policies can be used to develop and reason about security policies for multilevel relational databases. Our approach facilitate...
متن کاملSupporting Secure Canonical Upgrade Policies in Multilevel Secure Object Stores
Secure canonical upgrade policies are multilevel relabel policies that, under certain conditions, allow high-level subjects to update low-level security labels. This paper describes a scheme whereby these policies can be supported within the Message Filter Model for multilevel secure object-oriented database management systems.
متن کاملCAMAC: a context-aware mandatory access control model
Mandatory access control models have traditionally been employed as a robust security mechanism in multilevel security environments such as military domains. In traditional mandatory models, the security classes associated with entities are context-insensitive. However, context-sensitivity of security classes and flexibility of access control mechanisms may be required especially in pervasive c...
متن کاملMaintaining the Confidentiality of Interoperable Databases with a Multilevel Federated Security System
When several databases with multilevel security policies are federated to form a tightly coupled federated database management system, heterogeneities such as different accreditation ranges must be overcome. This paper describes an extended methodology to integrate policies that use different lattices as accreditation ranges. A semi-automatic process obtains the federated accreditation range an...
متن کاملIntegrating Multilevel Security Policies in Multilevel Federated Database Systems
Federated database systems solve the problem of sharing information among independent entities. When building and operating such a federated database system, it is necessary to protect data. Because of heterogeneities among security systems of component databases an integration of them is essential, taking into account new security features of the federation itself. This paper describes a multi...
متن کاملEnforcement of non-hierarchical access policies
Without proposing a new key assignment scheme, this paper presents a graph translation procedure that can be used to enforce non-hierarchical access control policies, in addition to those in a strict hierarchy. An interesting application is also given in this paper to show the importance of non-hierarchical access control. Key-Words: Key assignment, Multilevel security, Access control, Cryptogr...
متن کامل