Implementing secure dependencies over a network by designing a distributed security subsystem

Abstract

It was recently argued that the presence of covert channels should no longer be taken for granted in multilevel secure systems. Until today, multilevel security seems to have been an ideal to approach and not a requirement to meet. The question is: is it possible to design a practical multilevel system offering full security? Based on which architecture? The approach described in this paper reflects some results of a research project which suggests some ideas to answer this question. We have chosen the distributed architecture of a secure LAN as an application framework. In particular we show how controls exerted on dependencies permit to control exhaustively the elementary flows of information. The enforced rules govern both the observation and the handling of data over the whole system. They are achieved by means of some hardware mechanisms that submit the access of hosts to the medium to a secure medium access control protocol. We evaluate how secure dependencies used to ensure confidentiality in such an architecture may also be used to answer some other needs with respect to other attributes of security.