Security analysis of mandatory access control model

Author

Jiang, Yixin ; Lin, Chuang ; Yin, Hao ; Tan, Zhangxi

Author_Institution

Dept. of Comput. Sci. & Technol., Tsinghua Univ., Beijing, China

Volume

6

fYear

2004

fDate

10-13 Oct. 2004

Firstpage

5013

Abstract

Mandatory access control (MAC) model is an important security model. Based on the lattice model of security level and Bell-LaPadula model the definition of MAC security model is formally described in detail. The equivalent MAC security model described by colored Petri nets (CPN) is proposed. According to the state reachability graph, four security properties of MAC security model, i.e. the access temporal relations, the reachability of objects when subject accesses them, hidden security holes due to the dynamic security level, the indirect reasoning of confidential information flow between different objects, are explored at length. In addition, an example of the security model is illustrated and the conclusions show that the security model based on Petri nets is not only a concise graphic analysis method, but also suited to be formally verified. This model can efficiently improve the whole security policies during the system security design and implementation.

Keywords

Petri nets; reachability analysis; security of data; Bell-LaPadula model; colored Petri nets; dynamic security level; graphic analysis method; lattice model; mandatory access control model; security analysis; state reachability graph; Access control; Authorization; Computer science; Computer security; Graphics; Information analysis; Information security; Information systems; Lattices; Petri nets;

fLanguage

English

Publisher

ieee

Conference_Titel

Systems, Man and Cybernetics, 2004 IEEE International Conference on

ISSN

1062-922X

Print_ISBN

0-7803-8566-7

Type

conf

DOI

10.1109/ICSMC.2004.1400987

Filename

1400987