Distributed file system over a multilevel secure architecture problems and solutions
This paper presents the principles of a distributed and secure file system. It relies on M2S machines and a secure network which control dependencies and avoid any storage and temporal covert channel. It describes how, from NFS (Network File System) principles, we adapt the organization and the structures to obtain practical services despite constraining controls performed by the hardware. Finally it proves that it is possible to obtain a practical distributed file system, with usable features without any compromise on security enforcement.
KeywordsSecurity Distributed file system Multilevel security M2S machine secure LAN
Unable to display preview. Download preview PDF.
- 1.B. d'Ausbourg, C. Calas “Unix services for multilevel storage and communications over a LAN” — Proceeding of the Winter 93 USENIX Technical Conference, San Diego, 1993 Google Scholar
- 2.B. d'Ausbourg, J-H. Llareus “M 2 S: A Machine for Multilevel Security” — Proceeding of Esorics '92, Toulouse, November 23–25, 1992 Google Scholar
- 3.P. Bieber, F. Cuppens “A Logical view of Secure Dependencies” — Journal of Computer Security, Vol 1, Nr 1, 1992 Google Scholar
- 4.Thomas A. Casey Jr., Stephen T. Vinter, D.G. Weber, R. Varadarajan, D. Rosenthal “A Secure Distributed Operating System” — Proceeding of IEEE Symposium on Security and Privacy, Oakland, April 18–21, 1988.Google Scholar
- 5.Glenn H. MacEwen, Bruce Burwell, Zhuo-Jun Lu “Multi-Level Security Based on Physical Distribution” — Proceeding of IEEE Symposium on Security and Privacy, Oakland, 1984.Google Scholar
- 6.Richard E. Smith “MLS File Service for Network Data Sharing” — Proceeding of Computer Security Applications Conference, Orlando December 6–10, 1993 Google Scholar