Information sharing in secure systems

Abstract

The author attempts to establish a theoretical foundation for secure information sharing. He proposes a secure system structuring construct, called a secure object manager, as an example of a one-way information sharing mechanism. Secrecy, integrity, and availability requirements for the secure object manager are defined. A formal system model, including a careful treatment of communication via bounded buffers, is developed. Then he formally defines secrecy in terms of the model. This definition of secrecy precludes all covert channels, including storage, probabilistic, and timing channels. An implementation of the secure object manager that satisfies all the requirements considered is presented.<>