Sciweavers

CCS
2007
ACM

Analysis of three multilevel security architectures

14 years 6 months ago
Analysis of three multilevel security architectures
Various system architectures have been proposed for high assurance enforcement of multilevel security. This paper provides an analysis of the relative merits of three architectural types – one based on a security kernel, another based on a traditional separation kernel, and a third based on a least-privilege separation kernel. We introduce the Least Privilege architecture, which incorporates security features from the recent “Separation Kernel Protection Profile,” and show how it can provide several unique aspects of security and assurance, although each architecture has advantages. Categories and Subject Descriptors D.4 [Software]: Operating Systems – security and protection. D.2 [Software Engineering]: Software Architectures – Data ion; Domain-specific architectures. General Terms Measurement, Performance, Design, Security, Verification. Keywords Principle of Least Privilege, Security Kernel, Separation Kernel Partitioning Kernel, Multilevel Security, Architecture.
Timothy E. Levin, Cynthia E. Irvine, Clark Weissma
Added 07 Jun 2010
Updated 07 Jun 2010
Type Conference
Year 2007
Where CCS
Authors Timothy E. Levin, Cynthia E. Irvine, Clark Weissman, Thuy D. Nguyen
Comments (0)