Fourth European Symposium on Research in Computer Security (ESORICS 96)

A Multilevel Security Model For Distributed Object Systems

Vincent Nicomette, Yves Deswarte

Abstract: In this paper, the Bell-LaPadula model for multilevel secure computer systems is discussed. We describe the principles of this model and we try to show some of its limits. Then we present some possible extensions of this model, with their drawbacks and advantages. We finally present our own extension of the model for object-oriented systems. In this last section, we first explain the principles of our security policy, then we describe the roles of our authorization scheme and we give an example of a typical scenario in a distributed object-oriented system.

