Example Information Flow Controls

by Fred Foster.
Share
|
Homepage | Submit your article | Contact | TOS
More articles on data security  

You are here: Categories » Computers and technology » Data security

Like the program-based information flow mechanisms discussed above, both special-purpose and general-purpose computer systems have information flow controls at the system level. File access controls, integrity controls, and other types of access controls are mechanisms that attempt to inhibit the flow of information within a system, or between systems.

The first example is a special-purpose computer that checks I/O operations between a host and a secondary storage unit. It can be easily adapted to other purposes.

A mail guard for electronic mail moving between a classified network and an unclassified one follows. The goal of both mechanisms is to prevent the illicit flow of information from one system unit to another.

Security Pipeline Interface

Hoffman and Davis propose adding a processor, called a security pipeline interface (SPI), between a host and a destination. Data that the host writes to the destination first goes through the SPI, which can analyze the data, alter it, or delete it. But the SPI does not have access to the host's internal memory; it can only operate on the data being output. Furthermore, the host has no control over the SPI. Hoffman and Davis note that SPIs could be linked into a series of SPIs, or be run in parallel.

They suggest that the SPI could check for corrupted programs. A host requests a file from the main disk. An SPI lies on the path between the disk and the host. Associated with each file is a cryptographic checksum that is stored on a second disk connected to the first SPI. When the file reaches the first SPI, it computes the cryptographic checksum of the file and compares it with the checksum stored on the second disk. If the two match, it assumes that the file is uncorrupted. If not, the SPI requests a clean copy from the second disk, records the corruption in a log, and notifies the user, who can update the main disk.

The information flow being restricted here is an integrity flow, rather than the confidentiality flow of the other examples. The inhibition is not to prevent the corrupt data from being seen, but to prevent the system from trusting it. This emphasizes that, although information flow is usually seen as a mechanism for maintaining confidentiality, its application in maintaining integrity is equally important.

Secure Network Server Mail Guard

Consider two networks, one of which has data classified SECRET and the other of which is a public network. The authorities controlling the SECRET network need to allow electronic mail to go to the unclassified network. They do not want SECRET information to transit the unclassified network, of course. The Secure Network Server Mail Guard (SNSMG) is a computer that sits between the two networks. It analyzes messages and, when needed, sanitizes or blocks them.

For this example, assume that the network has only one category, which we omit.

The SNSMG accepts messages from either network to be forwarded to the other. It then applies several filters to the message; the specific filters may depend on the source address, destination address, sender, recipient, and/or contents of the message. Examples of the functions of such filters are as follows.

  • Check that the sender of a message from the SECRET network is authorized to send messages to the unclassified network.

  • Scan any attachments to messages coming from the unclassified network to locate, and eliminate, any computer viruses.

  • Require all messages moving from the SECRET to the unclassified network to have a clearance label, and if the label is anything other than UNCLASS (unclassified), encipher the message before forwarding it to the unclassified network.

The SNSMG is a computer that runs two different message transfer agents (MTAs), one for the SECRET network and one for the unclassified network. It uses an assured pipeline to move messages from the MTA to the filter, and vice versa. In this pipeline, messages output from the SECRET network's MTA have type a, and messages output from the filters have a different type, type b. The unclassified network's MTA will accept as input only messages of type b. If a message somehow goes from the SECRET network's MTA to the unclassified network's MTA, the unclassified network's MTA will reject the message as being of the wrong type. The SNSMG is processing a message from the SECRET network. The filters are part of a highly trusted system and perform checking and sanitizing of messages.

The SNSMG is an information flow enforcement mechanism. It ensures that information cannot flow from a higher security level to a lower one. It can perform other functions, such as restricting the flow of untrusted information from the unclassified network to the trusted, SECRET network. In this sense, the information flow is an integrity issue, not a confidentiality issue.

Share
Leave a comment or ask a question
Total comments: 0

Data security Disclaimer

  • The e-articles directory is not responsible for any and all copyright infringements by writers and authors. If you suspect the information contained by this page for any copyright infringements, please contact us to investigate the issue
How to protect against Spoofing and Session Hijacking - Spoofing is the term hackers use to describe the act of faking information sent to a computer. This is a broad definition of spoofing, but there are many subtle variations of this attack. Howev (more...)
Online Security on Public Computers - Using public computers can put you at risk for password hackers who use tools such as keystroke logging devices. Find out how to protect yourself from criminals preying on public computers. (more...)
How to Create a Strong Password - Using a password keeper can help you keep your online information more secure by allowing you to create more complex passwords for your Internet accounts without having to remember them. Here a (more...)
How Many Passwords do You Know to Protect Your Computer Privacy - 1.Administrators Password: It is the most common way to lock your computer. But is it the safest way? Mostly, it is the easiest way to lock your computer. How to (more...)
What will be a perfect password - Myth: if it is encrypted, it is secure Truth: if it is not encrypted, it is not secure Before creating a password you should know: ⑴ NO passwo (more...)
How to bypass Windows Password - Forgot or lost windows password? Have been locked out of computer? Do not want to reinstall the computer because there is vital data on your computer? Oh, well, it is not that scar (more...)
UniKey API protection scheme ensures the highest security for software vendors - A question that regularly was come up is whether software could be one hundred percent secured by a dongle, or thought some dongles have been seriously cracked, why most expensive software still us (more...)
Sharing online passwords with important people - On the surface, it might seem ludicrous to think that anyone would want to share their important Internet passwords with other people. But the truth is that there are many instances where you might (more...)
Using tags can help you organize your passwords - For people with multiple Internet log-ins, keeping them organized can be incredibly complex. A service like Mitto.com can simplify the process by allowing you to attach tags to your log-in info (more...)
Rogue antispyware is a danger for all Internet users - There are several common but very popular viruses that everyone can catch nowadays. That's swine flue and malicious software. Swine flue can be dangerous to your health though in the most cases it (more...)
 
free content
    Copyright © 2006 - 2012 e-articles.info.
The texts, articles and tutorials in the directory are property of their respective owners and authors.