Integrated mandatory access control for digital data

Artigo

Integrated mandatory access control for digital data

2008; SPIE; Volume: 6973; Linguagem: Inglês

10.1117/12.777135

ISSN

1996-756X

Autores

George Hsieh, Gregory Patrick, Keith Foster, Gerald Emamali, Lisa M. Marvel,

Tópico(s)

Internet Traffic Analysis and Secure E-voting

Resumo

This paper presents an integrated mandatory access control (MAC) framework that incorporates MAC mechanisms at both operating system and application layers for digital data. The framework uses Security-Enhanced Linux (SELinux) as the foundation for MAC at the operating system layer. It uses XACML (eXtensible Access Control Markup Language) as the base mechanism for specifying and embedding information-layer MAC policies. This framework is designed to be general-purpose, flexible, and capable of providing fine-grained access control. This paper also describes a high-level architecture of a prototype being developed for the framework. One targeted application domain for this framework is information sharing and dissemination in a multi-level security environment.

Ver no editor

Altmetric

PlumX

Entrar

Lembrar minha senha

Receber meu e-mail de confirmação

Integrated mandatory access control for digital data