The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Contemporary cloud environments are built on low-assurance components, so they cannot provide a high level of assurance about the isolation and protection of information. A “multi-level” secure cloud environment thus typically consists of multiple, isolated clouds, each of which handles data of only one security level. Not only are such environments duplicative and costly, data “sharing” must be implemented...
Although one senior security professional has emphasized that “it is unconscionable to use overly weak components” in a multilevel security (MLS) context, the majority of current transfer guards do exactly that. Basic guard technology is well-developed and has a long history, but most guards are built on low-assurance systems vulnerable to software subversion, and the lack of assurance limits the...
Because views on relational database systems mathematically define arbitrary sets of stored and derived data, they have been proposed as a way of handling context- and contenbdependent classification, dynamic classification, inference, aggregation, and sanitization in multilevel database systems. This paper describes basic view concepts for a multilevelsecure relational database model that addresses...
It has been a tenet of the computer security research and development community that policy enforcement mechanisms must be designed into systems at the time of their conception rather than retrofitted on to existing systems. The paper examines what it means for an architecture to be extensible with respect to security. Results are shown of an examination of the Trusted Computer System Evaluation Criteria's...
The Department of Defense has recently published Trusted Computer System Evaluation Criteria that provide the basis for evaluating the effectiveness of security controls built into computer systems. This paper summarizes basic security requirements and the technical criteria that are used to classify systems into eight hierarchical classes of enhanced security protection. These criteria are used in...
The security kernel technology has provided the technical foundation for highly reliable protection of computerizedinformation. However, the operating system implementations face two significant challenges: providing (1) adequate computational resources for applications tasks, and (2) a clean, straightforward structure whose correctness can be easily reviewed. This paper presents the experience of...
This paper introduces a mathematical framework for evaluating the relationship between policies and mechanisms. An evaluation approach called the assigmnent technique is defined. This technique consists of establishing an assignment between the security classes of information established by policy constraints, and the protection domains, established by the properties of the mechanism. The assignment...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.