• DocumentCode
    291344
  • Title

    A multilevel file system for high assurance

  • Author

    Irvine, Cynthia E.

  • Author_Institution
    Dept. of Comput. Sci., Naval Postgraduate Sch., Monterey, CA, USA
  • fYear
    1995
  • fDate
    8-10 May 1995
  • Firstpage
    78
  • Lastpage
    87
  • Abstract
    The designs of applications for multilevel systems cannot merely duplicate those of the untrusted world. When applications are built on a high assurance base, they will be constrained by the underlying policy enforcement mechanism. Consideration must be given to the creation and management of multilevel data structures by untrusted subjects. Applications should be designed to rely upon the TCB's security policy enforcement services rather than build new access control services beyond the TCB perimeter. The results of an analysis of the design of a general purpose file system developed to execute as an untrusted application on a high assurance TCB are presented. The design illustrates a number of solutions to problems resulting from a high assurance environment.
  • Keywords
    authorisation; data structures; security of data; systems analysis; access control services; general purpose file system; high assurance; multilevel data structure management; multilevel file system; policy enforcement mechanism; security policy enforcement services; untrusted application; Access control; Computer architecture; Computer interfaces; Computer science; Control systems; File systems; Garnets; Libraries; Operating systems; Rendering (computer graphics);
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Security and Privacy, 1995. Proceedings., 1995 IEEE Symposium on
  • Conference_Location
    Oakland, CA
  • Print_ISBN
    0-8186-7015-0
  • Type

    conf

  • DOI
    10.1109/SECPRI.1995.398924
  • Filename
    398924