Multiple independent levels of safety and security: high assurance architecture for MSLS/MLS
| Autor: | G.M. Uchenick, W M Vanfleet |
|---|---|
| Rok vydání: | 2005 |
| Předmět: |
Cloud computing security
Computer science computer.internet_protocol Data security Service-oriented architecture Certification Information security Computer security model Asset (computer security) Computer security computer.software_genre Security testing Security information and event management Security service Software security assurance Middleware Security through obscurity Security convergence computer |
| Zdroj: | MILCOM 2005 - 2005 IEEE Military Communications Conference. |
| DOI: | 10.1109/milcom.2005.1605749 |
| Popis: | With the advent of the global information grid and the move towards service oriented architectures, the need for systems to process and share information at a wide range of classification levels has become paramount. The multiple independent levels of security/safety (MILS) architecture greatly reduce the amount of privileged security enforcing code while simultaneously making that code more effective. By providing extremely robust data isolation and control of information flow, MILS enables security functions to be layered among a kernel, middleware, and applications. The reduced amount of security critical code makes it more practical to mathematically prove that security policy enforcement is NEAT, an acronym for non-bypassable, evaluatable, always invoked, and tamper-proof. A key additional benefit of MLS is that, for the first time, application developers can implement their own security policy enforcement and be guaranteed their own protections are also NEAT without invalidating the kernel 's or middleware's prior certifications |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|