A model independent security architecture for distributed heterogeneous systems

Meer over het boek

This dissertation demonstrates that information assurance properties can be specified within a formal systems model and enforced consistently across diverse nodes and organizational domains while maintaining the model's semantics. These properties, known as security policies, are enforced at the operating system level, allowing automated reasoning mechanisms to derive lower abstraction layer properties from higher semantic levels specified by administrators based on the formal model. Operations are validated through proofs obtained within this model, ensuring that both permitted and required operations are derived consistently. To support the enforcement of a broad range of security policies and scalability across large organizations, externally controlled reference monitors are introduced. These monitors manage layered enforcement mechanisms that can be implemented in newly constructed systems or added to existing commercial operating systems, even without source code modifications. This approach facilitates a transition to secure systems while allowing mission fulfillment with legacy systems. The Microsoft Windows 2000 operating system is used as a case study to illustrate these concepts. Enforcement mechanisms include modifications to file system and network protocol stack behavior, highlighting benefits such as dynamic distributed network firewalling and intrusion detection, along with multilevel security capabilities go