Title :
Proposal of the Hierarchical File Server Groups for Implementing Mandatory Access Control
Author :
Sakuraba, Taketoshi ; Sakurai, Kouichi
Author_Institution :
Yokohama Lab., Hitachi, Ltd., Yokohama, Japan
Abstract :
An accessible implementation of MAC for file access is proposed. Instead of traditional but unfamiliar MAC aware tools such as secure-OSs, the security enforcement mechanism of our proposal is FSG (file server group) which is structured so that they reflect a security policy of the organization. Using ordinal file servers, it is accessible to the most of commercial office environment. We also propose the use of FCA (formal concept analysis), a technology for knowledge extraction, to derive the structure of FSG for information flow enforcement. An advantage of use of FCA is that it directly produces configuration parameters such as access points of users as the knowledge extracted from organizational security policy. The configuration of the file server group is easy to understand, and the management cost of FSG is lower than that of the ordinary flat structured file servers.
Keywords :
access protocols; authorisation; file servers; formal concept analysis; organisational aspects; FCA; FSG; MAC-aware tools; file access; flat structured file servers; formal concept analysis; hierarchical file server groups; information flow enforcement; mandatory access control; ordinal file servers; organizational security; secure-OS; security policy; Access control; File servers; Lattices; Organizations; Permission; Servers; File Server Group; Formal Concept Analysis; Mandatory Access Control;
Conference_Titel :
Innovative Mobile and Internet Services in Ubiquitous Computing (IMIS), 2012 Sixth International Conference on
Conference_Location :
Palermo
Print_ISBN :
978-1-4673-1328-5
DOI :
10.1109/IMIS.2012.129
