Melding security metadata between software and hardware

David Evans; David Eyers

doi:10.1145/2405153.2405166

Melding security metadata between software and hardware

David Evans David Eyers

Proceedings of the Posters and Demo Track, pp.1-2

Middleware '12: 13th International Middleware Conference

ACM Other Conferences

03/12/2012

: https://doi.org/10.1145/2405153.2405166

Security and privacy -- Systems security -- Information flow control

Security and privacy -- Systems security -- Operating systems security

Best practice for large-scale access control systems involves clear separation of security policy from application-specific functionality. Furthermore, policies should be abstracted away from the enforcement mechanisms used. Recent developments in hardware and software are providing new ways in which to build secure systems. This paper argues that in order to make best use of this computing evolution, beyond abstracting policy away from enforcement mechanisms there is a role for a trusted middleware component that can dynamically map security needs onto and between any hardware-assisted enforcement mechanisms that may be available. Specifically, we explore how various hardware technologies can provide a means to manage information flow control labels within mandatory access control.

: 9926549493401891
: Melding security metadata between software and hardware
: David Evans
David Eyers
: Eric Wohlstadter (Editor) - University of British Columbia
: Proceedings of the Posters and Demo Track, pp.1-2
: Middleware '12: 13th International Middleware Conference
: Computer Science
: ACM
: 03/12/2012
: English
: Conference proceeding