Military Communications and Information Technology: A Trusted ...
Military Communications and Information Technology: A Trusted ... Military Communications and Information Technology: A Trusted ...
440 Military Communications and Information Technology... the cryptographic access control paradigm to canonize this structure, and elaborate how the different aspects of permissions and eventual MLS sanitization affect the structure and can be realized in our setting. This paper is structured as follows: in chapter II we introduce the necessary background and review the related work; in the third chapter we view the setting more carefully in the format of environment assumptions; the fourth chapter lists the design principles and some of the operational details; chapter V is reserved for the schema itself and finally chapter VI concludes the paper. II. Background and related work A. Multi-Level Security (MLS) Multi-Level Security (MLS) refers to a concept, where information from different levels of security classification is allowed to coexist and be processed securely by personnel not necessarily cleared to the highest level. The term stems from a formalization of DoD security policy [3] and related risk analysis [16]. However, detailed definitions vary widely. In military vocabulary the most common definition binds MLS to a “security mode” and the access rights of end users. The defining part here is the user clearance, or right-to-know (RTK). RTK is more formally defined than need-to-know (NTK), as RTK is most often defined on the legislature level. Due to the mandatory nature of RTK and the high-risk scenarios with which the MLS concept is endowed, the assurance level for “true MLS” components is often very high. MLS employs a multitude of functions. Our main concern here is the information flow separation, or the isolation of information from different classification levels: generally it is desired to keep data (flows) from e.g. SECRET separate from data (flows) from RESTRICTED. Due to the high assurance levels required for this isolation, only two types have been used: physical (galvanic) and cryptographic separation. High-assurance virtualization techniques are also making their way to selected MLS sub-areas [9]. Enforcing the isolation with cryptography has been used and tried in multitude of systems and models, such as CBIS discussed in ch. II-B, but the main problem in these systems is key management: encrypted data itself is considered to be sufficiently well protected for the purpose of MLS isolation, but there are no formal models for key management, nor even satisfactory heuristic implementations suitable for large scale cryptographically enforced MLS systems. B. Content-Based Information Security (CBIS) The CBIS-concept (Content-Based Information Security) experimented by US DoD between 2000 and 2005 as an Advanced Concept and Technology Dem-
Chapter 4: Information Assurance & Cyber Defence 441 onstrator [15, 18] was aimed at the cryptographic solution of MLS. In CBIS, all the information is encrypted and signed, protecting the confidentiality and integrity of the document. The original CBIS effort was, however, abandoned as too expensive, possibly due to the constraints and difficulties in key management [1] and user authentication. The concept was revived in (at least) the Finnish military [12], where a different public-key management architecture (PKMA) was substituted for the PKI. The PKMA substituted in [12] was called identity-based cryptography (IBC, [6]). In IBC the identity itself acts as the public key, removing the need for certificates, enabling natural hierarchies and delayed creation for the private key. With IBC extensions, such as attribute-based encryption (ABE), it is possible to encode access structures directly to the ciphertexts. In the later CBIS concept, the actual content is endowed with different levels of metadata that can be used to embed security related information to the document itself, distributing the protection information from the reference monitor to the data itself. Adding metadata to the protected data blob implies the need to protect the metadata as well, and thus further levels of metadata. An obvious framework for dealing with intergrated data and metadata is eXtensible Markup Language (XML) framework. The work in [12] laid out several steps from moving traditional referencemonitor-based access control to cryptographically enforced, MLS-capable access control. These are depicted in Fig. 1. Figure 1. Moving from traditional access control to CBIS ([12]) In Fig. 1, the steps are not wholly sequential: e.g. attribute-based cryptography access control is trialled already as such ([17]), but it was deemed infeasible to leap to mostly academic technologies straight away. As can be seen, there will be a change of public-key cryptography paradigms, or key management architectures at some point. This alone places restrictions on how the actual hierarchical data should be structured, but it is also otherwise prudent to (functionally) separate content from security, and cryptographic key management from the rest of security functions as separate modules.
- Page 389 and 390: Chapter 4: Information Assurance &
- Page 391 and 392: Chapter 4: Information Assurance &
- Page 393 and 394: Chapter 4: Information Assurance &
- Page 395 and 396: Network Traffic Characteristics for
- Page 397 and 398: Chapter 4: Information Assurance &
- Page 399 and 400: Chapter 4: Information Assurance &
- Page 401 and 402: Chapter 4: Information Assurance &
- Page 403 and 404: Chapter 4: Information Assurance &
- Page 405 and 406: Chapter 4: Information Assurance &
- Page 407 and 408: Chapter 4: Information Assurance &
- Page 409 and 410: Chapter 4: Information Assurance &
- Page 411 and 412: Chapter 4: Information Assurance &
- Page 413 and 414: Chapter 4: Information Assurance &
- Page 415 and 416: Methodology for Gathering Data Conc
- Page 417 and 418: Chapter 4: Information Assurance &
- Page 419 and 420: Chapter 4: Information Assurance &
- Page 421 and 422: Chapter 4: Information Assurance &
- Page 423 and 424: Chapter 4: Information Assurance &
- Page 425 and 426: Chapter 4: Information Assurance &
- Page 427 and 428: Chapter 4: Information Assurance &
- Page 429: Chapter 4: Information Assurance &
- Page 432 and 433: 432 Military Communications and Inf
- Page 434 and 435: 434 Military Communications and Inf
- Page 436 and 437: 436 Military Communications and Inf
- Page 439: On Multi-Level Secure Structured Co
- Page 443 and 444: Chapter 4: Information Assurance &
- Page 445 and 446: Chapter 4: Information Assurance &
- Page 447 and 448: Chapter 4: Information Assurance &
- Page 449 and 450: Chapter 4: Information Assurance &
- Page 451 and 452: Chapter 4: Information Assurance &
- Page 453 and 454: Chapter 4: Information Assurance &
- Page 455 and 456: Generation of Nonlinear Feedback Sh
- Page 457 and 458: Chapter 4: Information Assurance &
- Page 459 and 460: Chapter 4: Information Assurance &
- Page 461 and 462: Chapter 4: Information Assurance &
- Page 463: Chapter 4: Information Assurance &
- Page 466 and 467: 466 Military Communications and Inf
- Page 468 and 469: 468 Military Communications and Inf
- Page 470 and 471: 470 Military Communications and Inf
- Page 472 and 473: 472 Military Communications and Inf
- Page 474 and 475: 474 Military Communications and Inf
- Page 476 and 477: 476 Military Communications and Inf
- Page 478 and 479: 478 Military Communications and Inf
- Page 480 and 481: 480 Military Communications and Inf
- Page 482 and 483: 482 Military Communications and Inf
- Page 485 and 486: Modern Usage of “Old” One-Time
- Page 487 and 488: Chapter 4: Information Assurance &
- Page 489 and 490: Chapter 4: Information Assurance &
Chapter 4: <strong>Information</strong> Assurance & Cyber Defence<br />
441<br />
onstrator [15, 18] was aimed at the cryptographic solution of MLS. In CBIS, all<br />
the information is encrypted <strong>and</strong> signed, protecting the confidentiality <strong>and</strong> integrity<br />
of the document.<br />
The original CBIS effort was, however, ab<strong>and</strong>oned as too expensive, possibly<br />
due to the constraints <strong>and</strong> difficulties in key management [1] <strong>and</strong> user authentication.<br />
The concept was revived in (at least) the Finnish military [12], where a different<br />
public-key management architecture (PKMA) was substituted for the PKI.<br />
The PKMA substituted in [12] was called identity-based cryptography<br />
(IBC, [6]). In IBC the identity itself acts as the public key, removing the need for<br />
certificates, enabling natural hierarchies <strong>and</strong> delayed creation for the private key.<br />
With IBC extensions, such as attribute-based encryption (ABE), it is possible to<br />
encode access structures directly to the ciphertexts.<br />
In the later CBIS concept, the actual content is endowed with different levels<br />
of metadata that can be used to embed security related information to the document<br />
itself, distributing the protection information from the reference monitor to<br />
the data itself.<br />
Adding metadata to the protected data blob implies the need to protect<br />
the metadata as well, <strong>and</strong> thus further levels of metadata. An obvious framework<br />
for dealing with intergrated data <strong>and</strong> metadata is eXtensible Markup Language<br />
(XML) framework.<br />
The work in [12] laid out several steps from moving traditional referencemonitor-based<br />
access control to cryptographically enforced, MLS-capable access<br />
control. These are depicted in Fig. 1.<br />
Figure 1. Moving from traditional access control to CBIS ([12])<br />
In Fig. 1, the steps are not wholly sequential: e.g. attribute-based cryptography<br />
access control is trialled already as such ([17]), but it was deemed infeasible to leap<br />
to mostly academic technologies straight away. As can be seen, there will be a change<br />
of public-key cryptography paradigms, or key management architectures at some<br />
point. This alone places restrictions on how the actual hierarchical data should be<br />
structured, but it is also otherwise prudent to (functionally) separate content from<br />
security, <strong>and</strong> cryptographic key management from the rest of security functions<br />
as separate modules.