We propose a new security model based on MLS Policy to achieve better security performance in confidentiality, integrity and availability. First, it combines the BLP model and the Biba model through a two-dimensional, independent adjustment of integrity and confidentiality, and the subject's access range is adjusted dynamically according to the security labels of related objects and the subject's access history. Second, the security level of the trusted subject is extended to separate writing and reading privilege ranges, following the principle of least privilege. Third, it adjusts objects' security levels after confidential information is added, to prevent information disclosure. Fourth, it uses application-oriented logic to protect specific applications and avoid the degradation of security levels, so that certain applications can operate smoothly. Lastly, examples are presented to show the effectiveness and usability of the proposed model.
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Mingfu XUE, Aiqun HU, Chunlong HE, "Application-Oriented Confidentiality and Integrity Dynamic Union Security Model Based on MLS Policy" in IEICE TRANSACTIONS on Information,
vol. E95-D, no. 6, pp. 1694-1697, June 2012, doi: 10.1587/transinf.E95.D.1694.
URL: https://globals.ieice.org/en_transactions/information/10.1587/transinf.E95.D.1694/_p
@ARTICLE{e95-d_6_1694,
author={Mingfu XUE and Aiqun HU and Chunlong HE},
journal={IEICE TRANSACTIONS on Information},
title={Application-Oriented Confidentiality and Integrity Dynamic Union Security Model Based on MLS Policy},
year={2012},
volume={E95-D},
number={6},
pages={1694-1697},
abstract={We propose a new security model based on MLS Policy to achieve a better security performance on confidentiality, integrity and availability. First, it realizes a combination of BLP model and Biba model through a two-dimensional independent adjustment of integrity and confidentiality. And, the subject's access range is adjusted dynamically according to the security label of related objects and the subject's access history. Second, the security level of the trusted subject is extended to writing and reading privilege range respectively, following the principle of least privilege. Third, it adjusts the objects' security levels after adding confidential information to prevent the information disclosure. Fourth, it uses application-oriented logic to protect specific applications to avoid the degradation of security levels. Thus, it can ensure certain applications operate smoothly. Lastly, examples are presented to show the effectiveness and usability of the proposed model.},
keywords={},
doi={10.1587/transinf.E95.D.1694},
ISSN={1745-1361},
month={June},}
TY - JOUR
TI - Application-Oriented Confidentiality and Integrity Dynamic Union Security Model Based on MLS Policy
T2 - IEICE TRANSACTIONS on Information
SP - 1694
EP - 1697
AU - Mingfu XUE
AU - Aiqun HU
AU - Chunlong HE
PY - 2012
DO - 10.1587/transinf.E95.D.1694
JO - IEICE TRANSACTIONS on Information
SN - 1745-1361
VL - E95-D
IS - 6
JA - IEICE TRANSACTIONS on Information
Y1 - June 2012
AB - We propose a new security model based on MLS Policy to achieve a better security performance on confidentiality, integrity and availability. First, it realizes a combination of BLP model and Biba model through a two-dimensional independent adjustment of integrity and confidentiality. And, the subject's access range is adjusted dynamically according to the security label of related objects and the subject's access history. Second, the security level of the trusted subject is extended to writing and reading privilege range respectively, following the principle of least privilege. Third, it adjusts the objects' security levels after adding confidential information to prevent the information disclosure. Fourth, it uses application-oriented logic to protect specific applications to avoid the degradation of security levels. Thus, it can ensure certain applications operate smoothly. Lastly, examples are presented to show the effectiveness and usability of the proposed model.
ER -