A Meta-level Access Control Model for Adapting Diverse Access Control Policies on OS Environment
ABSTRACT Flexible access control model has been studied and implemented on operating system for a long time. SELinux of NSA have fine-grained policy. But, the strict policy make user feel inconvenience. Though SELinux can present MAC or RBAC as well as DAC, it doesnpsilat show all of the notions. We propose the flexible access control model that it can present diverse access control policies and the policies can transform each other. As our model is based on E-R model, it is easy to understand and to use by simple syntax. We implement and test this model on Linux. And we show that the performance degree isnpsilat decreased highly.
- [Show abstract] [Hide abstract]
ABSTRACT: Abstract The protection mechanisms of current mainstream op erating systems are inadequate to support confiden tiality and integrity requirements for end systems. Mandatory access control (MAC) is needed to address such require ments, but the limitations of traditional MAC have in hibited its adoption into mainstream operating systems. The National Security Agency (NSA) worked with Se cure Computing Corporation (SCC) to develop a fle xi ble MAC architecture called Flask to overcome the lim itations of traditional MAC. The NSA has implemented this architecture in the Linux operating system, produc ing a Security-Enhanced Linux (SELinux) prototype, to make the technology available to a wider community and to enable further research into secure operating sys tems. NAI Labs has developed an example security pol- icy configu ration to demonstrate the benefits of the ar chitecture and to provide a foundation for others to use. This paper describes the security architecture, security mechanisms, application programming interface, secu rity policy configu ration, and performance of SELinux.Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference, June 25-30, 2001, Boston, Massachusetts, USA; 01/2001
- [Show abstract] [Hide abstract]
ABSTRACT: Type enforcement is a table-oriented mandatory access control mechanism well-suited for confining applications and restricting information flows. Although both flexible and strong, type enforcement alone imposes significant administrative costs and has not been widely adopted. Domain and Type Enforcement (DTE) is an enhanced version of type enforcement designed to provide needed simplicity and compatibility. Two primary techniques distinguish DTE from simple type enforcement: DTE policies are expressed in a high-level language that includes file security attribute associations as well as other access control information; and during system execution, DTE file security attributes are maintained using a concise human-readable format in a runtime DTE policy database, thus removing the need for security-specific low-level data formats. Such formats are a major source of incompatibility for security-enhanced systems. A DTE UNIX prototype system has been implemented to evaluate these primary DTE concepts. This paper presents experiences gained and preliminary results indicating that DTE can provide cost effective security increases to UNIX systems while maintaining a high degree of compatibility with existing programs and media.IEEE Security and Privacy Magazine 05/1995; DOI:10.1109/SECPRI.1995.398923 · 0.72 Impact Factor