Title :
Simultaneous enforcement of the Bell-LaPadula and the Biba security policy models in an OSI-distributed system
Author :
Verschuren, Jan ; Govaerts, René ; Vandewalle, Joos
Author_Institution :
TNO, Delft, Netherlands
Abstract :
The article concentrates on enforcing security policies on a distributed basis. More specifically, the Biba and the B-LP security policies are addressed. Key-distributions are analysed which are in conformance with the two policies. It turned out that the Biba and the B-LP models can be enforced if the OSI-RM communication subsystem of each end-system is equipped with one key-pair of a public key system (PKS). If no end-system were broken, then the key-pair in every end-system may be the same. In that case however, the consequences of breaking an end-system are disastrous. A key-distribution where each end-system is equipped with a (different) key-pair is much more resistant against breaking an end-system: in that case the consequences of breaking an end-system can be as limited as possible. Besides, the latter key-distribution enables identification and exclusion of the broken end-system. Consequently, the other end-systems can go on communicating according to their respective security policies as they did before
Keywords :
computer networks; distributed processing; open systems; public key cryptography; security of data; Bell-LaPadula security policy; Biba security policy; OSI-RM communication subsystem; OSI-distributed system; broken end-system; computer networks; end-system; key-distribution; key-pair; public key system; security policy enforcement; Application software; Buildings; Communication system security; Computer networks; Computer security; Data security; Information security; Open systems; Public key; Vocabulary;
Conference_Titel :
Singapore ICCS/ISITA '92. 'Communications on the Move'
Print_ISBN :
0-7803-0803-4
DOI :
10.1109/ICCS.1992.254992
