Evaluating the Use of Security Tags in Security Policy Enforcement Mechanisms

Author

Alves-Foss, Jim ; Jia Song ; Amack, A. Scott ; Kerr, Lawrence ; Steiner, Stuart

Author_Institution

Center for Secure & Dependable Syst., Univ. of Idaho, Moscow, ID, USA

fYear

2015

fDate

5-8 Jan. 2015

Firstpage

5201

Lastpage

5210

Abstract

Security tagging schemes are known as promising mechanisms for providing security features in computer systems. Tags carry information about the tagged data throughout the system to be used in access control and other security mechanisms. This paper discusses several different uses of security tags related to different security policies, highlighting appropriate uses of the tags. The evaluation of the use of tags is presented in the summary of three security tagging application domains. One domain, using hardware-based tagging to prevent high-level attacks, was not found to be feasible. A project to use hardware-based tagging for OS security enhancement and a project that uses software-based tagging for multi-level secure document management were successful.

Keywords

authorisation; document handling; operating systems (computers); OS security enhancement; access control; computer systems; hardware-based tagging; high-level attacks; multilevel secure document management; security features; security mechanisms; security policies; security policy enforcement mechanisms; security tagging application domains; software-based tagging; tagged data; Access control; Hardware; Monitoring; Semantics; Software; Tagging; Security Policy; Security Tagging;

fLanguage

English

Publisher

ieee

Conference_Titel

System Sciences (HICSS), 2015 48th Hawaii International Conference on

Conference_Location

Kauai, HI

ISSN

1530-1605

Type

conf

DOI

10.1109/HICSS.2015.614

Filename

7070438