Title :
Realisation of the Bell-LaPadula security policy in an OSI-distributed system using asymmetric and symmetric cryptographic algorithms
Author :
Verschuren, Jan ; Govaerts, René ; Vandewalle, Joos
Author_Institution :
TNO Dept., EIB, Delft, Netherlands
Abstract :
This article discusses a distributed implementation of the Bell-LaPadula security policy model. Implementation of a confidentiality service in the OSIRM is not sufficient for enforcing the Bell-LaPadula model. Also integrity services are necessary. In this article both public key systems (PKSs) as well as symmetric cryptographic systems are considered for the realisation of these security services. By concentrating on the key distribution, no cryptographic algorithms or protocols are excluded on beforehand. It is investigated how key-distributions can be found resulting in a minimum number of keys. Application of PKSs results in a key distribution which requires less keys than key-distributions going with the use of a symmetric system. Moreover, practical or viable key-distributions going with symmetric algorithms turn out to be more sensitive to the disclosure of a secret key than key-distributions going with PKSs. A combination of a PKS and a symmetric system is indicated which does not suffer from the disadvantages going with the use of symmetric systems alone
Keywords :
data integrity; distributed processing; open systems; protocols; public key cryptography; Bell-LaPadula security policy; OSI-distributed system; OSIRM; asymmetric cryptographic algorithms; confidentiality; distributed implementation; public key systems; secret key; symmetric cryptographic algorithms; Communication system security; Cryptographic protocols; Data security; Electronic mail; Information security; Natural languages; Protection; Public key; Public key cryptography; Writing;
Conference_Titel :
Computer Security Foundations Workshop V, 1992. Proceedings.
Conference_Location :
Franconia, NH
Print_ISBN :
0-8186-2850-2
DOI :
10.1109/CSFW.1992.236778
