A model for multilevel security in computer networks

Author

Lu, Wen-Pai ; Sundareshan, Malur K.

Author_Institution

Dept. of Electr. & Comput. Eng., Arizona Univ., Tucson, AZ, USA

Volume

16

Issue

6

fYear

1990

fDate

6/1/1990 12:00:00 AM

Firstpage

647

Lastpage

659

Abstract

A model is presented that precisely describes the mechanism that enforces the security policy and requirements for a multilevel secure network. The mechanism attempts to ensure secure flow of information between entities assigned to different security classes in different computer systems connected to the network. The mechanism also controls the access to the network devices by the subjects (users and processes executed on behalf of the users) with different security clearances. The model integrates the notions of nondiscretionary access control and information flow control to provide a trusted network base that imposes appropriate restrictions on the flow of information among the various devices. Utilizing simple set-theoretic concepts, a procedure is given to verify the security of a network that implements the model

Keywords

computer networks; security of data; computer networks; computer systems; entities; information flow control; multilevel secure network; multilevel security; network devices; nondiscretionary access control; security classes; security clearances; security policy; set-theoretic concepts; subjects; trusted network base; Access control; Communication system control; Computer architecture; Computer networks; Computer security; Data security; Information security; Intelligent networks; Multilevel systems; Protection;

fLanguage

English

Journal_Title

Software Engineering, IEEE Transactions on

Publisher

ieee

ISSN

0098-5589

Type

jour

DOI

10.1109/32.55093

Filename

55093