Title: Data dissemination and policy enforcement in multi-level secure multi-domain environments
Authors: Joon Son; Essia Hamouda; Garo Pannosian; Vijay Bhuse
Addresses: Department of Information and Decision Sciences, California State University San Bernardino, CA, USA; Department of Information and Decision Sciences, California State University San Bernardino, CA, USA; Department of Information and Decision Sciences, California State University San Bernardino, CA, USA; Computer Science, Grand Valley State University, MI, USA
Abstract: Several challenges exist in disseminating multi-level secure (MLS) data in multi-domain environments. First, the security domains participating in data dissemination generally use different MLS labels and lattice structures. Second, when MLS data objects are transferred across multiple domains, there is a need for an agreed security policy that must be properly applied and correctly enforced for the data objects. Moreover, the data sender may not be able to predetermine the data recipients located beyond its trust boundary. To address these challenges, we propose a new framework that enables secure dissemination and access of the data as intended by the owner. Our novel framework leverages simple public key infrastructure and active bundle, and allows domains to securely disseminate data without the need to repackage it for each domain.
Keywords: active bundle; simple public key infrastructure; SPKI; mandatory access control; MAC; trust delegation; authorisation certificate.
DOI: 10.1504/IJICS.2024.141603
International Journal of Information and Computer Security, 2024 Vol.24 No.3/4, pp.338 - 360
Received: 03 Jul 2023
Accepted: 01 Nov 2023
Published online: 26 Sep 2024