Extending the Brewer-Nash model to a multilevel context

It is shown how the Brewer-Nash Chinese wall model can be extended to a policy for handling the aggregation problem in a multilevel context. A lattice-based information flow policy that can be integrated into both the multilevel and Brewer-Nash contexts is derived. This information flow policy is used to develop a security policy, described in terms of labeled subjects accessing labeled objects, that makes it possible to construct a system that prevents users from accessing aggregates that they are not cleared to see.
