Modeling Mandatory Access Control in Role-Based Security Systems

This paper discusses the realization of mandatory access control in role-based protection systems. Starting from the basic definitions of roles, their application in security and the basics of the concept of mandatory access control, we develop a scheme of role-based protection that realizes mandatory access control. This formulation rests on the recognition that roles can be seen as facilitating access to some given information context. By handling each of the role contexts as an independent security level of information, we simulate mandatory access by imposing the requirements of mandatory access control. Among the key considerations, we propose a means of taming Trojan horses by imposing acyclic information flow among contexts in role-based protection systems. The acyclic information flows and suitable access rules incorporate secrecy, which is an essential component of mandatory access control.
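The acyclic-flow requirement can be checked mechanically. The sketch below is an added illustration, not the paper's formalism: the context names, the edge-list representation of permitted flows, and the read/write rules (modelled on Bell-LaPadula's read-down, write-up rules) are all assumptions.

```python
from collections import defaultdict

# Constructed sample: permitted flows as (source context, destination context).
FLOWS = [("clerk", "accountant"), ("accountant", "auditor")]

def _graph(flows):
    g = defaultdict(list)
    for src, dst in flows:
        g[src].append(dst)
    return g

def find_flow_cycle(flows):
    """Return the contexts on one flow cycle (first == last), or None if acyclic."""
    g, state, path = _graph(flows), {}, []   # state: 1 = on path, 2 = finished
    def visit(node):
        state[node] = 1
        path.append(node)
        for nxt in g.get(node, ()):
            if state.get(nxt) == 1:          # back edge: information can return
                return path[path.index(nxt):] + [nxt]
            if nxt not in state:
                cycle = visit(nxt)
                if cycle:
                    return cycle
        path.pop()
        state[node] = 2
        return None
    for node in list(g):
        if node not in state:
            cycle = visit(node)
            if cycle:
                return cycle
    return None

def may_flow(flows, src, dst):
    """True if information may move from src to dst, directly or transitively."""
    g, seen, todo = _graph(flows), set(), [src]
    while todo:
        for nxt in g.get(todo.pop(), ()):
            if nxt == dst:
                return True
            if nxt not in seen:
                seen.add(nxt)
                todo.append(nxt)
    return False

def can_read(flows, role_ctx, obj_ctx):
    # Assumed rule: a role reads only contexts whose data may flow to it.
    return role_ctx == obj_ctx or may_flow(flows, obj_ctx, role_ctx)

def can_write(flows, role_ctx, obj_ctx):
    # Assumed rule: a role writes only where its data may flow.
    return role_ctx == obj_ctx or may_flow(flows, role_ctx, obj_ctx)
```

With an acyclic flow set, no role can both read from and write to a different context, so code running under a role has no path to move data back against the permitted flow.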
