Reference from ESORICS proceedings

5th European Symposium on Research in Computer Security (ESORICS 98)

A Kernelized Architecture for Multilevel Secure Application Policies

Simon N. Foley

Keywords :

Abstract : Mandatory labed-based policies may be used to support a wide-range of application security requirements. Labels encode the security state of system entities and the security policy specifies how these labels may change. Building on previous results, this paper develops a model for a kernelized framework for supporting these policies. The framework provides the basis for, what is essentially, an interpreter of multilevel programs: programs that manipulate multilevel label data-structures. This enables application functionality and security concerns to be developed separately, bringing with it the advantages of a separation of concerns paradigm.

(Pages 33-49)

Proceedings table of contents