Securing Grid Data Using Mandatory Access Controls

The main contribution of this paper is to investigate issues in using Mandatory Access Controls (MACs), namely those provided by SELinux, to secure application-level data. Particular emphasis is placed on health-care records located on the grid. The paper discusses the importance of a trusted computing base in providing application security. It describes a secure three-tiered architecture, incorporating trusted hardware, SELinux, and application security mechanisms that are appropriate for securing sensitive application data.
