Title :
An implementation of MLS on a network of workstations using X.500/509
Author :
Davis, James ; Jacobson, Doug ; Bridges, Stephanie ; Wright, Ken
Author_Institution :
Dept. of Electr. Eng. & Comput. Eng., Iowa State Univ., Ames, IA, USA
Abstract :
We describe a project whose goal is to provide a secure distributed access control mechanism for user tasks in a heterogeneous network of computing resources. This is accomplished by implementing a UNIX-based multi-level security (MLS) scheme where users and resources are labeled with a security level and a group. Access control is enforced by an access list server that uses X.500 directory and X.509 authentication services. Groundwork is laid for the next step of the project, which is to extend the security services for migrating tasks so that workstations are protected from security threats posed by incoming tasks, and also to protect tasks from threats originating from the workstation
Keywords :
Unix; authorisation; client-server systems; local area networks; open systems; security of data; software standards; telecommunication standards; MLS; UNIX; X.500; X.509; access list server; authentication services; heterogeneous network; multi-level security; secure distributed access control; user tasks; workstation network; Access control; Authentication; Information security; Jacobian matrices; Libraries; Multilevel systems; Network servers; Protection; System testing; Workstations;
Conference_Titel :
Performance, Computing, and Communications Conference, 1997. IPCCC 1997., IEEE International
Conference_Location :
Phoenix, Tempe, AZ
Print_ISBN :
0-7803-3873-1
DOI :
10.1109/PCCC.1997.581562
