Dynamic Trusted Domain: Preventing Data Leakage of Trusted Subjects

Abstract:

The existence of trusted subjects is a major complication in implementing multilevel secure (MLS) systems. In MLS, trusted subjects are granted privileges to perform operations that may violate mandatory access control policies. It is difficult to prevent them from leaking data without overly strict confinement. This paper reconsiders privilege from the viewpoint of sensitive data and presents a dynamic trusted domain (DTD) mechanism for trusted subjects. In DTD, a domain is associated with a special label structure (LabelVector) that distinguishes security policies, and it builds an isolated, virtualization-based environment for a given trusted subject. The channel through which the trusted subject communicates with outsiders is controlled by a trusted request decision maker (TRDM). Only requests that satisfy the rules on domain label and security levels are passed through.

Info:

Edited by:

Zhixiang Hou

Pages:

470-473

DOI:

10.4028/www.scientific.net/AMM.48-49.470

Citation:

J. Ma et al., "Dynamic Trusted Domain: Preventing Data Leakage of Trusted Subjects", Applied Mechanics and Materials, Vols. 48-49, pp. 470-473, 2011

Online since:

February 2011
