Re-thinking Kernelized MLS Database Architectures in the Context of Cloud-Scale Data Stores
Nguyen, Thuy D.
MetadataShow full item record
We re-evaluate the kernelized, multilevel secure (MLS) rlational database design in the context of cloud-scale distributed data stores. The transactional properties and global integrity properties for schema-less, cloud-scale data stores are significantly relaxed in comparison to relational databases. This is a new and interesting setting for mandatory access control policies, and has been unexplored in prior research. We describe the design and implementation of a prototype MLS column-store following the kernelized design pattern. Our prototype is the first cloud-scale data store using an architectural approach for high-assurance; it enforces a lattice-based mandatory information flow policy, without any additional trusted components. We highlight several promising avenues for practical systems research in secure, distributed architectures implementing mandatory policies using Java-based untrusted subjects.
RightsThis publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.
Showing items related by title, author, creator and subject.
Galvin, Mark Robert. (Monterey California. Naval Postgraduate School, 2001-06);A renewed interest in new nuclear power generation in the United States has spurred interest in developing advanced reactors with features which will address the public's concerns regarding nuclear generation. However, it ...
Meickle, David W. (Monterey, CA; Naval Postgraduate School, 2019-09);This research provides an analysis of sustainment metrics and their application by product support managers (PSMs) within the context of the Army's operational sustainment review (OSR) process. The research explored the ...
Naegle, Brad R. (Monterey, California. Naval Postgraduate School, 2017-04); NPS-CE-17-042Department of Defense (DoD) software-intensive systems and the software content in other systems will continue to grow and may dominate total ownership costs (TOC) in the future. These costs are exacerbated by the fact ...