Asymmetric isolation

Author

Davidson, John A.

Author_Institution

Norex Co., San Diego, CA, USA

fYear

1996

fDate

9-13 Dec 1996

Firstpage

44

Lastpage

54

Abstract

Examines a surprisingly simple application of unidirectional security that supports essentially risk-free MLS (multi-level security). It is an unusual environment because security rules can be absolutely enforced. Not only security violations, but also multi-level communication handshaking and most downgrading is not simply disallowed, but prevented. Experiments conducted using hardware multiple single-level nodes interconnected by unidirectional links show how this environment can be a practical alternative to software-enforced security. When we can adapt to this environment, the benefits include near-absolute strength, high performance and low cost. It seems particularly applicable to legacy systems because it is almost independent of pre-existing hardware and software

Keywords

security of data; absolute security rule enforcement; asymmetric isolation; cost; downgrading; hardware-enforced security; legacy systems; mandatory access control; multi-level communication handshaking; multiple single-level nodes; performance; risk-free multi-level security; security violations; unidirectional links; unidirectional security; Access control; Communication system security; Costs; Data structures; Hardware; Humans; Information security; Invasive software; Multilevel systems; Protocols;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer Security Applications Conference, 1996., 12th Annual

Conference_Location

San Diego, CA

ISSN

1063-9527

Print_ISBN

0-8186-7606-X

Type

conf

DOI

10.1109/CSAC.1996.569668

Filename

569668