Military Communications and Information Technology: A Trusted ...
Military Communications and Information Technology: A Trusted ... Military Communications and Information Technology: A Trusted ...
On Multi-Level Secure Structured Content: A Cryptographic Key Management – Independent XML Schema for MLS Content Mikko Kiviharju Electronics and Information Technology Division, Finnish Defence Forces Technical Research Centre, Riihimäki, Finland, mikko.kiviharju@mil.fi Abstract: Multi-Level Security, MLS, refers to handling information from different levels of security classification securely by people from different levels of clearance. We propose a structured document format to host data from different classification levels (e.g. RESTRICTED and SECRET) in the same, modifiable document. The document access control is enforced cryptographically – content and access control information is encrypted and digitally signed, but the document structure itself is independent of the adjoining key management architecture. We detail the different security-related metadata and sanitization procedures needed for passing data from a common storage to a user with lower clearance. Keywords: MLS; CBIS; XML; cryptography; key management I. Introduction Handling classified information in today’s networked world with conflicting needs to hide and to share both in homeland and in coalitions with dynamically shifting boundaries is becoming increasingly more cumbersome. Large information leaks from classified networks (e.g. the one described in [22]) are partly possible only because the concept of system-high networks has been stretched to its limits: it makes no sense to classify data (to e.g. MISSION SECRET), if most of the personnel are cleared to the highest level anyway. This is, however, currently the only economical solution dictated by the existing technology in use. Technologies that take full use of the security classification spectrum without trivial physical separation (and duplication) in hardware are called Multi-Level Secure (MLS). There have been a number of solutions aspiring to be MLS in the past, and the work is still ongoing. Our work concerns the cryptographic approach to enforce MLS. We envision structured documents (i.e. XML), with content from multiple different classifications, which is then encrypted, signed, and eventually filtered from the most sensitive items before given to the end user. We propose an XML schema based on
- Page 387 and 388: Chapter 4: Information Assurance &
- Page 389 and 390: Chapter 4: Information Assurance &
- Page 391 and 392: Chapter 4: Information Assurance &
- Page 393 and 394: Chapter 4: Information Assurance &
- Page 395 and 396: Network Traffic Characteristics for
- Page 397 and 398: Chapter 4: Information Assurance &
- Page 399 and 400: Chapter 4: Information Assurance &
- Page 401 and 402: Chapter 4: Information Assurance &
- Page 403 and 404: Chapter 4: Information Assurance &
- Page 405 and 406: Chapter 4: Information Assurance &
- Page 407 and 408: Chapter 4: Information Assurance &
- Page 409 and 410: Chapter 4: Information Assurance &
- Page 411 and 412: Chapter 4: Information Assurance &
- Page 413 and 414: Chapter 4: Information Assurance &
- Page 415 and 416: Methodology for Gathering Data Conc
- Page 417 and 418: Chapter 4: Information Assurance &
- Page 419 and 420: Chapter 4: Information Assurance &
- Page 421 and 422: Chapter 4: Information Assurance &
- Page 423 and 424: Chapter 4: Information Assurance &
- Page 425 and 426: Chapter 4: Information Assurance &
- Page 427 and 428: Chapter 4: Information Assurance &
- Page 429: Chapter 4: Information Assurance &
- Page 432 and 433: 432 Military Communications and Inf
- Page 434 and 435: 434 Military Communications and Inf
- Page 436 and 437: 436 Military Communications and Inf
- Page 440 and 441: 440 Military Communications and Inf
- Page 442 and 443: 442 Military Communications and Inf
- Page 444 and 445: 444 Military Communications and Inf
- Page 446 and 447: 446 Military Communications and Inf
- Page 448 and 449: 448 Military Communications and Inf
- Page 450 and 451: 450 Military Communications and Inf
- Page 452 and 453: 452 Military Communications and Inf
- Page 454 and 455: 454 Military Communications and Inf
- Page 456 and 457: 456 Military Communications and Inf
- Page 458 and 459: 458 Military Communications and Inf
- Page 460 and 461: 460 Military Communications and Inf
- Page 462 and 463: 462 Military Communications and Inf
- Page 465 and 466: Effective Generation of Cryptograph
- Page 467 and 468: Chapter 4: Information Assurance &
- Page 469 and 470: Chapter 4: Information Assurance &
- Page 471 and 472: Chapter 4: Information Assurance &
- Page 473 and 474: Chapter 4: Information Assurance &
- Page 475 and 476: Improving the Efficiency of Cryptog
- Page 477 and 478: Chapter 4: Information Assurance &
- Page 479 and 480: Chapter 4: Information Assurance &
- Page 481 and 482: Chapter 4: Information Assurance &
- Page 483: Chapter 4: Information Assurance &
- Page 486 and 487: 486 Military Communications and Inf
On Multi-Level Secure Structured Content:<br />
A Cryptographic Key Management<br />
– Independent XML Schema for MLS Content<br />
Mikko Kiviharju<br />
Electronics <strong>and</strong> <strong>Information</strong> <strong>Technology</strong> Division,<br />
Finnish Defence Forces Technical Research Centre, Riihimäki, Finl<strong>and</strong>,<br />
mikko.kiviharju@mil.fi<br />
Abstract: Multi-Level Security, MLS, refers to h<strong>and</strong>ling information from different levels of security<br />
classification securely by people from different levels of clearance. We propose a structured document<br />
format to host data from different classification levels (e.g. RESTRICTED <strong>and</strong> SECRET) in the same,<br />
modifiable document. The document access control is enforced cryptographically – content <strong>and</strong> access<br />
control information is encrypted <strong>and</strong> digitally signed, but the document structure itself is independent<br />
of the adjoining key management architecture. We detail the different security-related metadata <strong>and</strong><br />
sanitization procedures needed for passing data from a common storage to a user with lower clearance.<br />
Keywords: MLS; CBIS; XML; cryptography; key management<br />
I. Introduction<br />
H<strong>and</strong>ling classified information in today’s networked world with conflicting<br />
needs to hide <strong>and</strong> to share both in homel<strong>and</strong> <strong>and</strong> in coalitions with dynamically<br />
shifting boundaries is becoming increasingly more cumbersome.<br />
Large information leaks from classified networks (e.g. the one described in [22])<br />
are partly possible only because the concept of system-high networks has been<br />
stretched to its limits: it makes no sense to classify data (to e.g. MISSION SECRET),<br />
if most of the personnel are cleared to the highest level anyway. This is, however,<br />
currently the only economical solution dictated by the existing technology in use.<br />
Technologies that take full use of the security classification spectrum without<br />
trivial physical separation (<strong>and</strong> duplication) in hardware are called Multi-Level Secure<br />
(MLS). There have been a number of solutions aspiring to be MLS in the past,<br />
<strong>and</strong> the work is still ongoing.<br />
Our work concerns the cryptographic approach to enforce MLS. We envision<br />
structured documents (i.e. XML), with content from multiple different classifications,<br />
which is then encrypted, signed, <strong>and</strong> eventually filtered from the most<br />
sensitive items before given to the end user. We propose an XML schema based on