A prototype implementation of a time interval file protection system in Linux
Chiang, Ken H.
lIrvine, Cynthia E.
Nguyen, Thuy D.
MetadataShow full item record
Control of access to information based on temporal attributes has many potential applications. Examples include student user accounts set to expire upon graduation; files marked as time-sensitive so that their contents can be protected appropriately and the period of access to them controlled; and cryptographic keys configured to automatically expire and be unusable beyond a specific time. This thesis implements a prototype of the Time Interval Access Control (TIAC) model in the context of a protected file system for the popular open-source Linux operating system. The Linux Security Module framework is used for the implementation, which includes temporal attributes associated both with the files and the users. The implementation includes modifications to the file system as well as low-level information access constructs. As part of the design process, testing and performance analysis were conducted. Since the temporal access control mechanism is built into the kernel rather than the application, bypassing the mechanism becomes more difficult. Kernel level implementation also affords the same policy enforcement functionality to different applications, thus reducing human errors in their development. This thesis is relevant to the research on dynamic security services for information protection envisioned by the DoD Global Information Grid (GIG).
Showing items related by title, author, creator and subject.
Schofield, Brandan R.; Snelgrove, Brittany (Monterey, CA; Naval Postgraduate School, 2019-06);The Marine Corps Operating Concept (MOC) outlines critical tasks which will have a significant impact on current Marine Corps logistics Major Automated Information Systems (MAIS), especially as tactical units operate in ...
Managing technological change in a military treatment facility: a case study of medical diagnostic imaging support (MDIS) system Tillery, Laura Suzanne (Monterey, California. Naval Postgraduate School, 1994-12);Picture archiving and communication system (PACS) represents an enormously expensive technological innovation in digital imaging which has the potential to alter the way in which radiology is practiced. The purpose of this ...
Westman, Stefan A.H. (Monterey, California. Naval Postgraduate School, 1992-03);The ARGOS project is a design and an implementation of a prototype multimedia database system developed as both a Battle Group Commander's assessment tool and a shipboard data management tool. The original prototype was ...