Proposal of the Hierarchical File Server Groups for Implementing Mandatory Access Control

Author

Sakuraba, Taketoshi ; Sakurai, Kouichi

Author_Institution

Yokohama Lab., Hitachi, Ltd., Yokohama, Japan

fYear

2012

fDate

4-6 July 2012

Firstpage

639

Lastpage

644

Abstract

An accessible implementation of MAC for file access is proposed. Instead of traditional but unfamiliar MAC aware tools such as secure-OSs, the security enforcement mechanism of our proposal is FSG (file server group) which is structured so that they reflect a security policy of the organization. Using ordinal file servers, it is accessible to the most of commercial office environment. We also propose the use of FCA (formal concept analysis), a technology for knowledge extraction, to derive the structure of FSG for information flow enforcement. An advantage of use of FCA is that it directly produces configuration parameters such as access points of users as the knowledge extracted from organizational security policy. The configuration of the file server group is easy to understand, and the management cost of FSG is lower than that of the ordinary flat structured file servers.

Keywords

access protocols; authorisation; file servers; formal concept analysis; organisational aspects; FCA; FSG; MAC-aware tools; file access; flat structured file servers; formal concept analysis; hierarchical file server groups; information flow enforcement; mandatory access control; ordinal file servers; organizational security; secure-OS; security policy; Access control; File servers; Lattices; Organizations; Permission; Servers; File Server Group; Formal Concept Analysis; Mandatory Access Control;

fLanguage

English

Publisher

ieee

Conference_Titel

Innovative Mobile and Internet Services in Ubiquitous Computing (IMIS), 2012 Sixth International Conference on

Conference_Location

Palermo

Print_ISBN

978-1-4673-1328-5

Type

conf

DOI

10.1109/IMIS.2012.129

Filename

6296929