Proposal of the hierarchical file server groups for implementing mandatory access control

Taketoshi Sakuraba, Kouichi Sakurai

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Citation (Scopus)

Abstract

An accessible implementation of MAC for file access is proposed. Instead of traditional but unfamiliar MAC aware tools such as secure-OSs, the security enforcement mechanism of our proposal is FSG (file server group) which is structured so that they reflect a security policy of the organization. Using ordinal file servers, it is accessible to the most of commercial office environment. We also propose the use of FCA (formal concept analysis), a technology for knowledge extraction, to derive the structure of FSG for information flow enforcement. An advantage of use of FCA is that it directly produces configuration parameters such as access points of users as the knowledge extracted from organizational security policy. The configuration of the file server group is easy to understand, and the management cost of FSG is lower than that of the ordinary flat structured file servers.

Original languageEnglish
Title of host publicationProceedings - 6th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IMIS 2012
Pages639-644
Number of pages6
DOIs
Publication statusPublished - Oct 26 2012
Event6th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IMIS 2012 - Palermo, Italy
Duration: Jul 4 2012Jul 6 2012

Publication series

NameProceedings - 6th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IMIS 2012

Other

Other6th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IMIS 2012
CountryItaly
CityPalermo
Period7/4/127/6/12

Fingerprint

Access control
Servers
security policy
Formal concept analysis
Group
information flow
organization
costs
management
Costs

All Science Journal Classification (ASJC) codes

  • Signal Processing
  • Communication

Cite this

Sakuraba, T., & Sakurai, K. (2012). Proposal of the hierarchical file server groups for implementing mandatory access control. In Proceedings - 6th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IMIS 2012 (pp. 639-644). [6296929] (Proceedings - 6th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IMIS 2012). https://doi.org/10.1109/IMIS.2012.129

Proposal of the hierarchical file server groups for implementing mandatory access control. / Sakuraba, Taketoshi; Sakurai, Kouichi.

Proceedings - 6th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IMIS 2012. 2012. p. 639-644 6296929 (Proceedings - 6th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IMIS 2012).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Sakuraba, T & Sakurai, K 2012, Proposal of the hierarchical file server groups for implementing mandatory access control. in Proceedings - 6th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IMIS 2012., 6296929, Proceedings - 6th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IMIS 2012, pp. 639-644, 6th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IMIS 2012, Palermo, Italy, 7/4/12. https://doi.org/10.1109/IMIS.2012.129
Sakuraba T, Sakurai K. Proposal of the hierarchical file server groups for implementing mandatory access control. In Proceedings - 6th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IMIS 2012. 2012. p. 639-644. 6296929. (Proceedings - 6th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IMIS 2012). https://doi.org/10.1109/IMIS.2012.129
Sakuraba, Taketoshi ; Sakurai, Kouichi. / Proposal of the hierarchical file server groups for implementing mandatory access control. Proceedings - 6th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IMIS 2012. 2012. pp. 639-644 (Proceedings - 6th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IMIS 2012).
@inproceedings{a43d2374c8c64746b43c145fa9061ab8,
title = "Proposal of the hierarchical file server groups for implementing mandatory access control",
abstract = "An accessible implementation of MAC for file access is proposed. Instead of traditional but unfamiliar MAC aware tools such as secure-OSs, the security enforcement mechanism of our proposal is FSG (file server group) which is structured so that they reflect a security policy of the organization. Using ordinal file servers, it is accessible to the most of commercial office environment. We also propose the use of FCA (formal concept analysis), a technology for knowledge extraction, to derive the structure of FSG for information flow enforcement. An advantage of use of FCA is that it directly produces configuration parameters such as access points of users as the knowledge extracted from organizational security policy. The configuration of the file server group is easy to understand, and the management cost of FSG is lower than that of the ordinary flat structured file servers.",
author = "Taketoshi Sakuraba and Kouichi Sakurai",
year = "2012",
month = "10",
day = "26",
doi = "10.1109/IMIS.2012.129",
language = "English",
isbn = "9780769546841",
series = "Proceedings - 6th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IMIS 2012",
pages = "639--644",
booktitle = "Proceedings - 6th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IMIS 2012",

}

TY - GEN

T1 - Proposal of the hierarchical file server groups for implementing mandatory access control

AU - Sakuraba, Taketoshi

AU - Sakurai, Kouichi

PY - 2012/10/26

Y1 - 2012/10/26

N2 - An accessible implementation of MAC for file access is proposed. Instead of traditional but unfamiliar MAC aware tools such as secure-OSs, the security enforcement mechanism of our proposal is FSG (file server group) which is structured so that they reflect a security policy of the organization. Using ordinal file servers, it is accessible to the most of commercial office environment. We also propose the use of FCA (formal concept analysis), a technology for knowledge extraction, to derive the structure of FSG for information flow enforcement. An advantage of use of FCA is that it directly produces configuration parameters such as access points of users as the knowledge extracted from organizational security policy. The configuration of the file server group is easy to understand, and the management cost of FSG is lower than that of the ordinary flat structured file servers.

AB - An accessible implementation of MAC for file access is proposed. Instead of traditional but unfamiliar MAC aware tools such as secure-OSs, the security enforcement mechanism of our proposal is FSG (file server group) which is structured so that they reflect a security policy of the organization. Using ordinal file servers, it is accessible to the most of commercial office environment. We also propose the use of FCA (formal concept analysis), a technology for knowledge extraction, to derive the structure of FSG for information flow enforcement. An advantage of use of FCA is that it directly produces configuration parameters such as access points of users as the knowledge extracted from organizational security policy. The configuration of the file server group is easy to understand, and the management cost of FSG is lower than that of the ordinary flat structured file servers.

UR - http://www.scopus.com/inward/record.url?scp=84867731941&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84867731941&partnerID=8YFLogxK

U2 - 10.1109/IMIS.2012.129

DO - 10.1109/IMIS.2012.129

M3 - Conference contribution

AN - SCOPUS:84867731941

SN - 9780769546841

T3 - Proceedings - 6th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IMIS 2012

SP - 639

EP - 644

BT - Proceedings - 6th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IMIS 2012

ER -