Simultaneous enforcement of the Bell-LaPadula and the Biba securitypolicy models in an OSI-distributed system

摘要

The article concentrates on enforcing security policies on adistributed basis. More specifically, the Biba and the B-LP securitypolicies are addressed. Key-distributions are analysed which are inconformance with the two policies. It turned out that the Biba and theB-LP models can be enforced if the OSI-RM communication subsystem ofeach end-system is equipped with one key-pair of a public key system(PKS). If no end-system were broken, then the key-pair in everyend-system may be the same. In that case however, the consequences ofbreaking an end-system are disastrous. A key-distribution where eachend-system is equipped with a (different) key-pair is much moreresistant against breaking an end-system: in that case the consequencesof breaking an end-system can be as limited as possible. Besides, thelatter key-distribution enables identification and exclusion of thebroken end-system. Consequently, the other end-systems can go oncommunicating according to their respective security policies as theydid before