E - BLP Security Model for Secure Linux System and Its Implementation


The KIPS Transactions:PartA, Vol. 8, No. 4, pp. 391-398, Dec. 2001
10.3745/KIPSTA.2001.8.4.391,   PDF Download:

Abstract

To design and develop secure operating systems, the BLP (Bell-La Padula) model that represents the MLP (Multi-Level Policy) has been widely adopted. However, user's security level in the most developed systems based on the BLP model is inherited to a process that is actual subject on behalf of the user, regardless whatever the process behavior is. So, there could be information disclosure threat or modification threat by malicious or unreliable processes even though the user is authorized in the system. These problems can be solved by defining the subject as (user, process) ordered pair and by defining the process reliability. Moreover, when the leveled programs which exist as objects in a disk are executed by a process and have different level from the process level, the security level decision problem occurs. This paper presents an extended BLP (E-BLP) model in which process reliability is considered and solves the security level decision problem. And this model is implemented into the Linux kernel 2.4.7.


Statistics
Show / Hide Statistics

Statistics (Cumulative Counts from September 1st, 2017)
Multiple requests among the same browser session are counted as one view.
If you mouse over a chart, the values of data points will be shown.


Cite this article
[IEEE Style]
J. M. Kang, W. Shin, C. G. Park, D. I. Lee, "E - BLP Security Model for Secure Linux System and Its Implementation," The KIPS Transactions:PartA, vol. 8, no. 4, pp. 391-398, 2001. DOI: 10.3745/KIPSTA.2001.8.4.391.

[ACM Style]
Jung Min Kang, Wook Shin, Chun Gu Park, and Dong Ik Lee. 2001. E - BLP Security Model for Secure Linux System and Its Implementation. The KIPS Transactions:PartA, 8, 4, (2001), 391-398. DOI: 10.3745/KIPSTA.2001.8.4.391.