Title :
Asymmetric isolation
Author :
Davidson, John A.
Author_Institution :
Norex Co., San Diego, CA, USA
Abstract :
Examines a surprisingly simple application of unidirectional security that supports essentially risk-free MLS (multi-level security). It is an unusual environment because security rules can be absolutely enforced. Not only security violations, but also multi-level communication handshaking and most downgrading is not simply disallowed, but prevented. Experiments conducted using hardware multiple single-level nodes interconnected by unidirectional links show how this environment can be a practical alternative to software-enforced security. When we can adapt to this environment, the benefits include near-absolute strength, high performance and low cost. It seems particularly applicable to legacy systems because it is almost independent of pre-existing hardware and software
Keywords :
security of data; absolute security rule enforcement; asymmetric isolation; cost; downgrading; hardware-enforced security; legacy systems; mandatory access control; multi-level communication handshaking; multiple single-level nodes; performance; risk-free multi-level security; security violations; unidirectional links; unidirectional security; Access control; Communication system security; Costs; Data structures; Hardware; Humans; Information security; Invasive software; Multilevel systems; Protocols;
Conference_Titel :
Computer Security Applications Conference, 1996., 12th Annual
Conference_Location :
San Diego, CA
Print_ISBN :
0-8186-7606-X
DOI :
10.1109/CSAC.1996.569668
