A model for multilevel security in computer networks

Author

Lu, Wen-Pai ; Sundareshan, M.K.

Author_Institution

AT&T Bell Labs., Holmdel, NJ, USA

fYear

1988

fDate

27-31 Mar 1988

Firstpage

1095

Lastpage

1104

Abstract

A model which precisely describes the mechanism that enforces the security policy and requirements for a multilevel secure network is described. This mechanism attempts to ensure secure flow of information between entities assigned to different security classes in different computer systems connected to the network. The mechanism also controls the access to the network devices by the subjects (users and processes executed on behalf of the users) with different security clearances. The model integrates the notions of access control and information flow control to provide a trusted network base that imposes appropriate restrictions on the flow of information among the various devices. Utilizing simple set-theoretic concepts, a procedure is given to verify the security of a network that implements the present model

Keywords

computer networks; security of data; set theory; access control; computer networks; information flow control; multilevel secure network; multilevel security; secure flow of information; security clearances; set-theoretic concepts; trusted network base; Access control; Communication system control; Computer networks; Computer security; Cryptography; Data security; Information security; Intelligent networks; Multilevel systems; Protection;

fLanguage

English

Publisher

ieee

Conference_Titel

INFOCOM '88. Networks: Evolution or Revolution, Proceedings. Seventh Annual Joint Conference of the IEEE Computer and Communcations Societies, IEEE

Conference_Location

New Orleans, LA

Print_ISBN

0-8186-0833-1

Type

conf

DOI

10.1109/INFCOM.1988.13028

Filename

13028