Discusses a network-level access control technique that applies the non-discretionary access control model to individual data packets that are exchanged between hosts or subnets. The proposed technique examines the incoming data's integrity properties to prevent applications within a node or subnetwork from so-called subversive channels. It checks outgoing data's secrecy requirements before transmission. Security labels are used to identify data packets as members of different categories and security levels. Additional tags store context information to validate the trustworthiness of a packet's content. Labels and tags of a data packet reflect events that may be relevant to access control throughout its life. As opposed to stateful filtering, which is based on the history of a flow of packets, our approach works on the history of an individual packet. Any state information is part of the packet rather than being stored in all the nodes inspecting the packet; i.e. nodes do not need to create and maintain state information.
Index Terms:
authorisation; telecommunication security; electronic data interchange; data integrity; data communication; packet switching; telecommunication network management; history-based distributed filtering; tagging; network-level access control; nondiscretionary access control model; data packet exchange; subnetworks; data integrity; subversive channels; secrecy requirements; data transmission; security labels; security levels; context information; trustworthiness validation; state information
Citation:
R. Sailer, M. Kabatnik, "History based distributed filtering - a tagging approach to network-level access control," acsac, pp.373, 16th Annual Computer Security Applications Conference (ACSAC'00), 2000
PURCHASE ARTICLE: $19
IEEE Xplore Subscribers
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb