Please use this identifier to cite or link to this item: http://hdl.handle.net/2307/5928
Title: Design and implementation of multilevel security architectures
Authors: Liguori, Angelo
metadata.dc.contributor.advisor: Giunta, Gaetano
Benedetto, Francesco
Keywords: Multilevel security
MILS
Cross-domain
Common criteria
Issue Date: 1-Jun-2016
Publisher: Università degli studi Roma Tre
Abstract: The problem of securely storing and processing sensitive data is paramount in many sectors. But ICT Security is not a Defense prerogative. Events like Vatileaks and Panama Papers, after Snowden's disclosures, brought to prominence the information security problem. We live in a world that requires from us to be always-on, always-connected. Technological progress and the need to process and share always bigger amount of data led to the inception of distributed systems, smart sensors/networks, cloud computing etc. and transformed the Internet in a high bandwidth medium. We are surrounded by devices and use applications that track and collect our personal information that should be properly protected. Sensitive data should be accessed only by people with valid authorizations and with a specific need-to-know that could affect only a specific subset of data necessary to perform some operations. The requirement to protect information characterized by a hierarchy of sensitivity levels led to the definition of Multilevel Security. In the last years a new paradigm called Multiple Independent Levels of Secu- rity/Safety (MILS) seems to be able to effectively address the problem. This thesis illustrates the design and the implementation of Multilevel Security Archi- tectures. We pinpointed the drawbacks of the currently proposed solutions and analyzed the problem from different perspectives: high-assurance security requirements, certi cation according to international schemes, and performance. We proposed an innovative MILS Distributed Architecture and implemented a specific MILS component that enforces the security policy of connecting domains characterized by different classification level information. We also faced the multilevel-related covert channel problem proposing a novel detection algorithm and building an open source covert timing channel in order to evaluate its performance.
URI: http://hdl.handle.net/2307/5928
Access Rights: info:eu-repo/semantics/openAccess
Appears in Collections:T - Tesi di dottorato
Dipartimento di Ingegneria

Files in This Item:
File Description SizeFormat
Liguori_Design_and_Implementation_of_Multilevel_Security_Architectures.pdf3.09 MBAdobe PDFView/Open
SFX Query Show full item record Recommend this item

Page view(s)

18
checked on Sep 26, 2020

Download(s)

29
checked on Sep 26, 2020

Google ScholarTM

Check


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.