Share Email Print

Proceedings Paper

Integrated mandatory access control for digital data
Author(s): George Hsieh; Gregory Patrick; Keith Foster; Gerald Emamali; Lisa Marvel
Format Member Price Non-Member Price
PDF $14.40 $18.00
cover GOOD NEWS! Your organization subscribes to the SPIE Digital Library. You may be able to download this paper for free. Check Access

Paper Abstract

This paper presents an integrated mandatory access control (MAC) framework that incorporates MAC mechanisms at both operating system and application layers for digital data. The framework uses Security-Enhanced Linux (SELinux) as the foundation for MAC at the operating system layer. It uses XACML (eXtensible Access Control Markup Language) as the base mechanism for specifying and embedding information-layer MAC policies. This framework is designed to be general-purpose, flexible, and capable of providing fine-grained access control. This paper also describes a high-level architecture of a prototype being developed for the framework. One targeted application domain for this framework is information sharing and dissemination in a multi-level security environment.

Paper Details

Date Published: 17 March 2008
PDF: 10 pages
Proc. SPIE 6973, Data Mining, Intrusion Detection, Information Assurance, and Data Networks Security 2008, 697302 (17 March 2008); doi: 10.1117/12.777135
Show Author Affiliations
George Hsieh, Norfolk State Univ. (United States)
Gregory Patrick, Norfolk State Univ. (United States)
Keith Foster, Norfolk State Univ. (United States)
Gerald Emamali, Norfolk State Univ. (United States)
Lisa Marvel, Army Research Lab. (United States)

Published in SPIE Proceedings Vol. 6973:
Data Mining, Intrusion Detection, Information Assurance, and Data Networks Security 2008
William J. Tolone; William Ribarsky, Editor(s)

© SPIE. Terms of Use
Back to Top