Implementing secure dependencies over a network by designing a distributed security subsystem

  • Bruno d'Ausbourg
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 875)


It was recently argued that the presence of covert channels should no longer be taken for granted in multilevel secure systems. Until now, multilevel security seems to have been treated as an ideal to approach rather than a requirement to meet. The question is: is it possible to design a practical multilevel system offering full security, and if so, on which architecture? The approach described in this paper presents some results of a research project that suggest ways to answer this question. We have chosen the distributed architecture of a secure LAN as an application framework. In particular, we show how controls exerted on dependencies make it possible to control exhaustively the elementary flows of information. The enforced rules govern both the observation and the handling of data over the whole system. They are enforced by hardware mechanisms that subject the hosts' access to the medium to a secure medium access control protocol. We evaluate how the secure dependencies used to ensure confidentiality in such an architecture may also be used to meet needs relating to other attributes of security.


Medium Access Control, Covert Channel, Causal Dependency, Security Mode, Interface Unit
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.



Copyright information

© Springer-Verlag Berlin Heidelberg 1994

Authors and Affiliations

  • Bruno d'Ausbourg (1)
  1. Département d'Etudes et de Recherches en Informatique, CERT-ONERA, Toulouse-Cedex, France
