Policy-based labelling: A flexible framework for trusted data labelling

Author

Kongsgard, Kyrre Wahl ; Nordbotten, Nils Agne ; Fauskanger, Stian

Author_Institution

Univ. of Oslo, Oslo, Norway

fYear

2015

fDate

18-19 May 2015

Firstpage

1

Lastpage

10

Abstract

Security labels are utilized for several applications. For instance, cross-domain information exchange can be enabled by associating security labels with data objects and enforcing cross-domain information flow control based on these labels (e.g., using guards). The correctness of the security labels is critical to the overall security of such solutions. To assure the correctness of security labels, this paper proposes a flexible framework for trusted information labelling. The proposed solution represents a novel application of attribute based access control (aka. policy- based access control) principles to data labelling. The proposed framework can utilize content verification/analysis, user/application input, information flow monitoring, and contextual information as a basis for its policy-based labelling decisions.

Keywords

authorisation; trusted computing; application input; attribute based access control; content analysis; content verification; contextual information; cross-domain information exchange; cross-domain information flow control; data objects; flexible framework; information flow monitoring; policy-based access control; policy-based labelling; security label correctness; security labels; trusted data labelling principles; trusted information labelling; user input; Access control; Authentication; Labeling; Logic gates; Monitoring; XML; ABAC; Labelling; XACML; information flow control; object level security;

fLanguage

English

Publisher

ieee

Conference_Titel

Military Communications and Information Systems (ICMCIS), 2015 International Conference on

Conference_Location

Cracow

Print_ISBN

978-8-3934-8485-0

Type

conf

DOI

10.1109/ICMCIS.2015.7158708

Filename

7158708