Safety of mixed model access control in a multilevel system
Abstract
Information sharing can result in emergent behaviors that affect the safety properties associated with overt information flows. Secure cross-domain integration, involving the safety properties of both individual domains and the information dissemination across those domains, can result in leakage of information during the brokering of that information in an enterprise-level, multilevel secure (MLS) system using mixed model access control. Existing access control models do not address this problem. To address this gap, we developed a technique for building compositional models that combine both role-based access control and traditional MLS-based Bell-LaPadula models to provide for a high-assurance MLS system access controller. However, such compositional models introduce information rights proliferation during the specification of high-assurance security requirements and the security policy to provide for safety within the system. We addressed that problem with a technique that leverages RuleML to specify declassification policies for securing information exchange between different security levels of disparate access control models. The technique supports the tranquility principle allowing for desired information flows while not violating the overall security policy of the system. We demonstrated the technical feasibility of using both of these techniques, using as our example application cross-domain information sharing in conducting Maritime Domain Awareness operations.
Rights
This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.Collections
Related items
Showing items related by title, author, creator and subject.
-
Role-based access control for coalition partners in maritime domain awareness
Tardy, Matthew L. (Monterey, California. Naval Postgraduate School, 2005-06);The need for Shared Situational Awareness (SSA) in accomplishing joint missions by coalition militaries, law enforcement, the intelligence community, and the private sector creates a unique challenge to providing access ... -
Software Re-Engineering of the Human Factors Analysis and Classification System b1s (Maintenance extension) using object oriented methods in a Microsoft Environment
Flanders, Thomas P.; Tufts, Scott K. (2001-09);The purpose of this research is to technically evaluate, refine, and expand two existing aircraft safety management information systems (one military and one civilian). The systems are used in the data collection, organization, ... -
A Linux Implementation of Temporal Access Controls
Chiang, Ken; Nguyen, Thuy D.; Irvine, Cynthia E. (A Linux Implementation of Temporal Access Controls, 2007-06-01);Control of access to information based upon temporal attributes can add another dimension to access control. To demonstrate the feasibility of operating system level support for temporal access controls, the Time Interval ...