Title :
Secure dependencies with dynamic level assignments
Author :
Bieber, Pierre ; Cuppens, Frédéric
Author_Institution :
ONERA-CERT, Toulouse, France
Abstract :
Most security models explicitly (or implicitly) include the tranquillity principle, which prohibits changing the security level of a given piece of information. Yet in practical systems, the classification of objects may evolve due to declassification, and a subject's current level may evolve according to subject requests. The authors previously proposed a modal logic definition of security whose counterpart is a constraint on the system traces that they called causality. In this paper, they give a generalization of causality which avoids the tranquillity principle. They give an interpretation of their model in the case of a multilevel security policy when the levels can be assigned dynamically. Then they provide efficient conditions to control the dynamic assignment of both the object classification and the subject current level. They propose a comparison of their approach with the nondeducibility generalization. Finally, they give several examples of systems where security levels are dynamically assigned.
Keywords :
security of data; classification of objects; dynamic assignment; dynamic level assignments; modal logic definition; multilevel security policy; object classification; secure dependencies; security models; tranquillity principle; Information security; Logic; Multilevel systems
Conference_Title :
Computer Security Foundations Workshop V, 1992. Proceedings.
Conference_Location :
Franconia, NH
Print_ISBN :
0-8186-2850-2
DOI :
10.1109/CSFW.1992.236787