Implementing multilevel security by violation privilege |
| |
| Affiliation: | 1. University of Freiburg, Tennenbacher Str. 4, 79106 Freiburg, Germany;2. European Forest Institute, Forest for Society Research Programme, Yliopistokatu 6, 80100 Joensuu, Finland;1. Statnett, Oslo, Norway;2. NTNU, Trondheim 7491, Norway;1. Instituto de Investigaciones Agrobiológicas de Galicia (IIAG), Consejo Superior de Investigaciones Científicas (CSIC), 15705 Santiago de Compostela, Spain;2. Departamento de Edafología y Química Agrícola, Universidad de Santiago de Compostela, 15782 Santiago de Compostela, Spain;3. Microhumus, Université de Lorraine, Laboratoire Sols et Environnement, UMR 1120, Vandœuvre-lès-Nancy F-54518, France;4. Université de Lorraine, INRA, Laboratoire Sols et Environnement, 54000 Nancy, France;1. Institute of Machine Tools and Production Technology (IWF), Sustainable Manufacturing & Life Cycle Engineering Research Group, Technische Universität Braunschweig, Langer Kamp 19b, 38106 Braunschweig, Germany |
| |
| Abstract: | A multilevel secure information system should be able to support a security structure consisting of a hierarchically defined sensitivity structure containing n levels and a category structure containing m compartments. It should simultaneously protect its contents from unauthorized disclosure arising from either access control violation or leakage, and from improper modification. The protection should not interfere with the efficient processing of information. The system should be able to provide for its own security using trusted hardware or software.The system of controls described in this report will accomplish all these objectives. Furthermore, it will incorporate defenses against the following threats: unplanned delay, unauthorized erasure or destruction, aggregation, inference, spoofing, infiltration, residual images, computer viruses, and post-engagement disclosure. |
| |
| Keywords: | |
| 本文献已被 ScienceDirect 等数据库收录! |
|
