Utilizza questo identificativo per citare o creare un link a questo documento: http://hdl.handle.net/2307/5928
Titolo: Design and implementation of multilevel security architectures
Autori: Liguori, Angelo
Relatore: Giunta, Gaetano
Benedetto, Francesco
Parole chiave: Multilevel security
MILS
Cross-domain
Common criteria
Data di pubblicazione: 1-giu-2016
Editore: Università degli studi Roma Tre
Abstract: The problem of securely storing and processing sensitive data is paramount in many sectors. But ICT Security is not a Defense prerogative. Events like Vatileaks and Panama Papers, after Snowden's disclosures, brought to prominence the information security problem. We live in a world that requires from us to be always-on, always-connected. Technological progress and the need to process and share always bigger amount of data led to the inception of distributed systems, smart sensors/networks, cloud computing etc. and transformed the Internet in a high bandwidth medium. We are surrounded by devices and use applications that track and collect our personal information that should be properly protected. Sensitive data should be accessed only by people with valid authorizations and with a specific need-to-know that could affect only a specific subset of data necessary to perform some operations. The requirement to protect information characterized by a hierarchy of sensitivity levels led to the definition of Multilevel Security. In the last years a new paradigm called Multiple Independent Levels of Secu- rity/Safety (MILS) seems to be able to effectively address the problem. This thesis illustrates the design and the implementation of Multilevel Security Archi- tectures. We pinpointed the drawbacks of the currently proposed solutions and analyzed the problem from different perspectives: high-assurance security requirements, certi cation according to international schemes, and performance. We proposed an innovative MILS Distributed Architecture and implemented a specific MILS component that enforces the security policy of connecting domains characterized by different classification level information. We also faced the multilevel-related covert channel problem proposing a novel detection algorithm and building an open source covert timing channel in order to evaluate its performance.
URI: http://hdl.handle.net/2307/5928
Diritti di Accesso: info:eu-repo/semantics/openAccess
È visualizzato nelle collezioni:X_Dipartimento di Ingegneria
T - Tesi di dottorato

File in questo documento:
File Descrizione DimensioniFormato
Liguori_Design_and_Implementation_of_Multilevel_Security_Architectures.pdf3.09 MBAdobe PDFVisualizza/apri
Visualizza tutti i metadati del documento Suggerisci questo documento

Page view(s)

205
checked on 24-nov-2024

Download(s)

1.291
checked on 24-nov-2024

Google ScholarTM

Check


Tutti i documenti archiviati in DSpace sono protetti da copyright. Tutti i diritti riservati.