Configuring storage-area networks using mandatory security

Storage-area networks are a popular and efficient way of building large storage systems both in an enterprise environment and for multi-domain storage service providers. In both environments the network and the storage has to be configured to ensure that the data is maintained securely and can be delivered efficiently. In this paper, we describe a model of mandatory security for SAN services that incorporates the notion of risk as a measure of the robustness of the SAN's configuration and that formally defines a vulnerability common in systems with mandatory security, i.e. cascaded threats. Our abstract SAN model is flexible enough to reflect the data requirements, tractable for the administrator, and can be implemented as part of an automatic configuration system. The implementation is given as part of a prototype written in OPL.

[1]  Theodore M. P. Lee,et al.  Using mandatory integrity to enforce 'commercial' security , 1988, Proceedings. 1988 IEEE Symposium on Security and Privacy.

[2]  Catherine A. Meadows Extending the Brewer-Nash model to a multilevel context , 1990, Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy.

[3]  Jaehong Park,et al.  The UCONABC usage control model , 2004, TSEC.

[4]  Benjamin Aziz,et al.  Configuring Storage Area Networks for Mandatory Security , 2004, DBSec.

[5]  Simon N. Foley Conduit cascades and secure synchronization , 2001, NSPW '00.

[6]  Gene Tsudik,et al.  Secure group services for storage area networks , 2002, First International IEEE Security in Storage Workshop, 2002. Proceedings..

[7]  Randy H. Katz,et al.  A case for redundant arrays of inexpensive disks (RAID) , 1988, SIGMOD '88.

[8]  SandhuRavi,et al.  The UCONABC usage control model , 2004 .

[9]  Simon N. Foley The specification and implementation of “commercial” security requirements including dynamic segregation of duties , 1997, CCS '97.

[10]  Michael J. Nash,et al.  The Chinese Wall security policy , 1989, Proceedings. 1989 IEEE Symposium on Security and Privacy.

[11]  Simon N. Foley,et al.  Aggregation and Separation as Noninterference Properties , 1992, J. Comput. Secur..

[12]  Pascal Van Hentenryck The OPL optimization programming language , 1999 .

[13]  Eugene C. Freuder Eliminating Interchangeable Values in Constraint Satisfaction Problems , 1991, AAAI.

[14]  Ravi S. Sandhu,et al.  Lattice-based access control models , 1993, Computer.

[15]  Simon N. Foley A model for secure information flow , 1989, Proceedings. 1989 IEEE Symposium on Security and Privacy.

[16]  D. Elliott Bell,et al.  Secure Computer System: Unified Exposition and Multics Interpretation , 1976 .

[17]  Simon N. Foley Secure information flow using security groups , 1990, [1990] Proceedings. The Computer Security Foundations Workshop III.