Dynamic Trusted Domain: Preventing Data Leakage of Trusted Subjects

Abstract:

The existence of trusted subjects is a major complication in implementing multilevel secure (MLS) systems. In MLS, trusted subjects are granted privileges to perform operations that may violate mandatory access control policies. It is difficult to prevent them from leaking data without overly strict confinement. This paper reconsiders privilege from the viewpoint of sensitive data and presents a dynamic trusted domain (DTD) mechanism for trusted subjects. In DTD, a domain is associated with a special label structure (LabelVector) that distinguishes security policies, and builds an isolated environment based on virtualization for a given trusted subject. The channel through which the trusted subject communicates with the outside is controlled by a trusted request decision maker (TRDM). Only requests that satisfy the rules on domain label and security levels are passed through.

Pages: 470-473

Online since: February 2011

Copyright: © 2011 Trans Tech Publications Ltd. All Rights Reserved
