Computer Science Department
Author
Cynthia E. Irvine
Entry type
article
Abstract
The designs of applications for multilevel systems cannot merely duplicate those of the untrusted world. When applications are built on a high assurance base, they will be constrained by the underlying policy enforcement mechanism. Consideration must be given to the creation and management of multilevel data structures by untrusted subjects. Applications should be designed to rely upon the TCB's security policy enforcement services rather than build new access control services beyond the TCB perimeter.
The results of an analysis of the design of a general purpose file system developed to execute as an untrusted application on a high assurance TCB are presented. The design illustrates a number of solutions to problems resulting from a high assurance environment.
Date
1995 – May
Address
Oakland, CA
Journal
Proceedings of the IEEE Symposium on Security and Privacy
Key alpha
Irvine
Pages
78-87
Publisher
IEEE Computer Society Press
Affiliation
Naval Postgraduate School
Keywords
TCB
Language
English
Location
A hard-copy of this is in the Papers Cabinet
Subject
Multilevel File System

