Please use this identifier to cite or link to this item:
http://hdl.handle.net/2307/5928
Title: | Design and implementation of multilevel security architectures | Authors: | Liguori, Angelo | Advisor: | Giunta, Gaetano Benedetto, Francesco |
Keywords: | Multilevel security MILS Cross-domain Common criteria |
Issue Date: | 1-Jun-2016 | Publisher: | Università degli studi Roma Tre | Abstract: | The problem of securely storing and processing sensitive data is paramount in many sectors. But ICT Security is not a Defense prerogative. Events like Vatileaks and Panama Papers, after Snowden's disclosures, brought to prominence the information security problem. We live in a world that requires from us to be always-on, always-connected. Technological progress and the need to process and share always bigger amount of data led to the inception of distributed systems, smart sensors/networks, cloud computing etc. and transformed the Internet in a high bandwidth medium. We are surrounded by devices and use applications that track and collect our personal information that should be properly protected. Sensitive data should be accessed only by people with valid authorizations and with a specific need-to-know that could affect only a specific subset of data necessary to perform some operations. The requirement to protect information characterized by a hierarchy of sensitivity levels led to the definition of Multilevel Security. In the last years a new paradigm called Multiple Independent Levels of Secu- rity/Safety (MILS) seems to be able to effectively address the problem. This thesis illustrates the design and the implementation of Multilevel Security Archi- tectures. We pinpointed the drawbacks of the currently proposed solutions and analyzed the problem from different perspectives: high-assurance security requirements, certi cation according to international schemes, and performance. We proposed an innovative MILS Distributed Architecture and implemented a specific MILS component that enforces the security policy of connecting domains characterized by different classification level information. We also faced the multilevel-related covert channel problem proposing a novel detection algorithm and building an open source covert timing channel in order to evaluate its performance. | URI: | http://hdl.handle.net/2307/5928 | Access Rights: | info:eu-repo/semantics/openAccess |
Appears in Collections: | X_Dipartimento di Ingegneria T - Tesi di dottorato |
Files in This Item:
File | Description | Size | Format | |
---|---|---|---|---|
Liguori_Design_and_Implementation_of_Multilevel_Security_Architectures.pdf | 3.09 MB | Adobe PDF | View/Open |
Page view(s)
205
checked on Nov 24, 2024
Download(s)
1,291
checked on Nov 24, 2024
Google ScholarTM
Check
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.