Title :
Security analysis of mandatory access control model
Author :
Jiang, Yixin ; Lin, Chuang ; Yin, Hao ; Tan, Zhangxi
Author_Institution :
Dept. of Comput. Sci. & Technol., Tsinghua Univ., Beijing, China
Abstract :
Mandatory access control (MAC) model is an important security model. Based on the lattice model of security level and Bell-LaPadula model the definition of MAC security model is formally described in detail. The equivalent MAC security model described by colored Petri nets (CPN) is proposed. According to the state reachability graph, four security properties of MAC security model, i.e. the access temporal relations, the reachability of objects when subject accesses them, hidden security holes due to the dynamic security level, the indirect reasoning of confidential information flow between different objects, are explored at length. In addition, an example of the security model is illustrated and the conclusions show that the security model based on Petri nets is not only a concise graphic analysis method, but also suited to be formally verified. This model can efficiently improve the whole security policies during the system security design and implementation.
Keywords :
Petri nets; reachability analysis; security of data; Bell-LaPadula model; colored Petri nets; dynamic security level; graphic analysis method; lattice model; mandatory access control model; security analysis; state reachability graph; Access control; Authorization; Computer science; Computer security; Graphics; Information analysis; Information security; Information systems; Lattices; Petri nets;
Conference_Titel :
Systems, Man and Cybernetics, 2004 IEEE International Conference on
Print_ISBN :
0-7803-8566-7
DOI :
10.1109/ICSMC.2004.1400987
