Accession Number:

ADA142355

Title:

A Security Model for Military Message Systems.

Descriptive Note:

Final rept.,

Corporate Author:

NAVAL RESEARCH LAB WASHINGTON DC

Report Date:

1984-05-31

Pagination or Media Count:

28.0

Abstract:

Military systems that process classified information must operate in a secure manner i.e., they must protect information adequately against unauthorized disclosure, modification, and withholding. A goal of current research in computer security is to facilitate the construction of multilevel secure systems, systems that protect information of various classifications from users with different clearances. Security models are used to define the concept of security embodied by a computer system. A single model, called the Bell-LaPadula model, has dominated recent efforts to build secure systems but has deficiencies. We are developing a new approach to defining security models based on the idea that a security model should be derived from a specific application. To evaluate our approach, we have formulated a security model for a family of military message systems. This report introduces the message-system application, describes the problems of using the Bell-LaPadula model in real applications, presents our security model both informally and formally, and summarizes our approach to developing secure message systems. Significant aspects of the security model are its definition of multilevel objects and its inclusion of application-dependent security assertions. Prototypes based on this model are being developed.

Subject Categories:

  • Computer Programming and Software
  • Computer Hardware
  • Military Intelligence

Distribution Statement:

APPROVED FOR PUBLIC RELEASE