Sciweavers

CSFW
1992
IEEE

Secure Dependencies with Dynamic Level Assignments

14 years 3 months ago
Secure Dependencies with Dynamic Level Assignments
Most security models explicitly (or implicitly) include the tranquillity principle which prohibits changing the security level of a given piece of information. Yet in practical systems, classi cation of objects may evolve due to declassi cation and subject current level may evolve according to subject requests. In [2], we proposed a modal logic de nition of security whose counterpart is a constraint on the system traces that we called causality. In this paper, we give a generalization of causality which avoids the tranquillity principle. We give an interpretation of our model in the case of a multilevel security policy when the levels can be assigned dynamically. Then we provide ecient conditions to control the dynamic assignment of both the object classi cation and the subject current level. We propose a comparison of our approach with the nondeducibility generalization of [15]. Finally, we give several examples of systems where security levels are dynamically assigned.
Pierre Bieber, Frédéric Cuppens
Added 10 Aug 2010
Updated 10 Aug 2010
Type Conference
Year 1992
Where CSFW
Authors Pierre Bieber, Frédéric Cuppens
Comments (0)