Exploiting the Dual Nature of Sensitivity Labels
暂无分享,去创建一个
One of the major goals of MITRE's Compartmented Mode Workstation (CWM) project is to assure that compartmented intelligence data processed on workstations has proper security labels associated, such that data is neither under-nor-overclassified. The CMW labeling strategy is different than that used in traditional secure systems (as suggested by the Department of Defense Trusted Computer System Evaluation Criteria), and revolves around associating two types of security information with objects: mandatory access control levels (MACLS), and sensitivity labels. MACLS are analogous to what are traditionally called security levels, and represent a "failsafe" level at which an object must be protected. Sensitivity labels accurately represent the classification of the data in the object, and also represent necessary handling restrictions. Supporting both MACLS and sensitivity labels for objects makes the system easier to use, helps prevent overclassification of data? and provides the capability of associating handling restrictions with data.
[1] Clark Weissman,et al. Security controls in the ADEPT-50 time-sharing system , 1899, AFIPS '69 (Fall).
[2] Jeffrey Picciotto,et al. Compartmented Model Workstation: Results Through Prototyping , 1987, 1987 IEEE Symposium on Security and Privacy.
[3] E. J. McCauley,et al. KSOS - The design of a secure operating system , 1899 .
[4] L. J. Fraim. Scomp: A Solution to the Multilevel Security Problem , 1983, Computer.