Recommendations and a Plan of Action for Standardized Security Labeling.
Abstract
The Department of Defense (DoD) recognizes that today's ever-increasing use of information technology to conduct routine business makes protecting automated information essential. Security labels are one type of computer security mechanism used to facilitate controlled access to information in a shared resource environment. The purpose of this report is to recommend how computer security label standards should be pursued in light of existing labeling technology and the new security architecture being developed for DoD. Label standards are necessary to facilitate the integration, interoperability, and cost-effective implementation of protection in information systems. The authors of the report examined existing label implementations, leveraged and synthesized related work, and studied existing and emerging label standardization efforts to gain a better understanding of the successes and failures of labeling technologies and standards. As this work progressed, the authors discovered that the DoD Goal Security Architecture (DGSA) was an emerging architecture that could significantly change how information will be protected by the DoD in the foreseeable future. Therefore, the report presents a brief description of the DGSA and formalizes its fundamental security concepts and principles before making recommendations about pursuing security label standardization.
Document Details
- Document Type
- Technical Report
- Publication Date
- Jul 01, 1995
- Accession Number
- ADA317735
Entities
People
- Edward A. Feustel
- Ron S. Ross
- Stephen M. Boone
- W. T. Mayfield
Organizations
- Institute for Defense Analyses