Example Information Flow Controls

by Fred Foster.
Share
|
Homepage | Submit your article | Contact | TOS
More articles on data security  

You are here: Categories » Computers and technology » Data security

Like the program-based information flow mechanisms discussed above, both special-purpose and general-purpose computer systems have information flow controls at the system level. File access controls, integrity controls, and other types of access controls are mechanisms that attempt to inhibit the flow of information within a system, or between systems.

The first example is a special-purpose computer that checks I/O operations between a host and a secondary storage unit. It can be easily adapted to other purposes.

A mail guard for electronic mail moving between a classified network and an unclassified one follows. The goal of both mechanisms is to prevent the illicit flow of information from one system unit to another.

Security Pipeline Interface

Hoffman and Davis propose adding a processor, called a security pipeline interface (SPI), between a host and a destination. Data that the host writes to the destination first goes through the SPI, which can analyze the data, alter it, or delete it. But the SPI does not have access to the host's internal memory; it can only operate on the data being output. Furthermore, the host has no control over the SPI. Hoffman and Davis note that SPIs could be linked into a series of SPIs, or be run in parallel.

They suggest that the SPI could check for corrupted programs. A host requests a file from the main disk. An SPI lies on the path between the disk and the host. Associated with each file is a cryptographic checksum that is stored on a second disk connected to the first SPI. When the file reaches the first SPI, it computes the cryptographic checksum of the file and compares it with the checksum stored on the second disk. If the two match, it assumes that the file is uncorrupted. If not, the SPI requests a clean copy from the second disk, records the corruption in a log, and notifies the user, who can update the main disk.

The information flow being restricted here is an integrity flow, rather than the confidentiality flow of the other examples. The inhibition is not to prevent the corrupt data from being seen, but to prevent the system from trusting it. This emphasizes that, although information flow is usually seen as a mechanism for maintaining confidentiality, its application in maintaining integrity is equally important.

Secure Network Server Mail Guard

Consider two networks, one of which has data classified SECRET and the other of which is a public network. The authorities controlling the SECRET network need to allow electronic mail to go to the unclassified network. They do not want SECRET information to transit the unclassified network, of course. The Secure Network Server Mail Guard (SNSMG) is a computer that sits between the two networks. It analyzes messages and, when needed, sanitizes or blocks them.

For this example, assume that the network has only one category, which we omit.

The SNSMG accepts messages from either network to be forwarded to the other. It then applies several filters to the message; the specific filters may depend on the source address, destination address, sender, recipient, and/or contents of the message. Examples of the functions of such filters are as follows.

  • Check that the sender of a message from the SECRET network is authorized to send messages to the unclassified network.

  • Scan any attachments to messages coming from the unclassified network to locate, and eliminate, any computer viruses.

  • Require all messages moving from the SECRET to the unclassified network to have a clearance label, and if the label is anything other than UNCLASS (unclassified), encipher the message before forwarding it to the unclassified network.

The SNSMG is a computer that runs two different message transfer agents (MTAs), one for the SECRET network and one for the unclassified network. It uses an assured pipeline to move messages from the MTA to the filter, and vice versa. In this pipeline, messages output from the SECRET network's MTA have type a, and messages output from the filters have a different type, type b. The unclassified network's MTA will accept as input only messages of type b. If a message somehow goes from the SECRET network's MTA to the unclassified network's MTA, the unclassified network's MTA will reject the message as being of the wrong type. The SNSMG is processing a message from the SECRET network. The filters are part of a highly trusted system and perform checking and sanitizing of messages.

The SNSMG is an information flow enforcement mechanism. It ensures that information cannot flow from a higher security level to a lower one. It can perform other functions, such as restricting the flow of untrusted information from the unclassified network to the trusted, SECRET network. In this sense, the information flow is an integrity issue, not a confidentiality issue.

Share
Leave a comment or ask a question
Total comments: 0

Data security Disclaimer

  • The e-articles directory is not responsible for any and all copyright infringements by writers and authors. If you suspect the information contained by this page for any copyright infringements, please contact us to investigate the issue
Biometric Locks: Why You Should Call Installation Experts - Fingerprint readers and other forms of biometric security are becoming big business, but are you, the DIY enthusiast, ready to take on a biometric door lock installation project? Unless y (more...)
Which Are The Most Common Network Security Risks - A network security incident isany network-related activity with negative security implications. Security incidents on the Internet can come in all shapes and sizes, launched from specific (more...)
Biometric Locks: How The Windows 7's Biometric Driver Helps You - Biometric technology is making it even easier to use computers. There's no need to remember passwords anymore because you can unlock your computer by using your fingerprint. Fingerprint readers a (more...)
How to speed up your computer - Most of People surf sites daily and don't care which should be visited, when they felt thier computer slow, they start worrying about it. Five tips You must adapt 1: Use Antivirus and update (more...)
Tips on Buying Biometric Locks - The security of your home is essential. You owe it to yourself and your loved ones to make sure you are safe at all times. So, with the development of biometric security locks things h (more...)
3 Signs You Need a Virus Removal Service - Virus and malware infestations are some of the most common computer repair problems that computer owners everywhere deals with. These malicious hijacking attempts of your (more...)
Six Myths about Nulled Scripts, or There's No Such Thing as Free Lunch - Once every so often our customers are asking us how come on some websites our software is sold at a fraction of price or is even free. They further ask how come they have to pay for the software if (more...)
How to protect against Spoofing and Session Hijacking - Spoofing is the term hackers use to describe the act of faking information sent to a computer. This is a broad definition of spoofing, but there are many subtle variations of this attack. Howev (more...)
Online Security on Public Computers - Using public computers can put you at risk for password hackers who use tools such as keystroke logging devices. Find out how to protect yourself from criminals preying on public computers. (more...)
How to Create a Strong Password - Using a password keeper can help you keep your online information more secure by allowing you to create more complex passwords for your Internet accounts without having to remember them. Here a (more...)
 
free content
    Copyright © 2006 - 2012 e-articles.info.
The texts, articles and tutorials in the directory are property of their respective owners and authors.