Page 117 - DCAP516_COMPUTER_SECURITY
Unit 9: Database Security
There are several databases classified as MLS systems. Oracle has a product named Oracle Label
Security (OLS) that implements Mandatory Access Controls - typically by adding a ‘label’ column
to each table in the database. OLS is being deployed at the US Army INSCOM as the foundation
of an ‘all source’ intelligence database spanning the JWICS and SIPRNet networks. There is a
project to create a labeled version of PostgreSQL, and there are also older labeled database
implementations such as Trusted Rubix. These MLS database systems provide a unified backend
system for content spanning multiple labels, but they do not resolve the challenge of having
users process content at multiple security levels in a single system while enforcing Mandatory
Access Controls.
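The label-column approach described above, as an added example that is not part of the original text and not OLS's own API or schema: a constructed in-memory table with a label column, a dominance check (level order plus compartment subset) registered as a SQL function so the mandatory filter runs inside the query, and the Bell-LaPadula read and write rules applied to it. The level names, label syntax ("LEVEL:COMP1,COMP2"), table and rows are all assumptions made for this example.

```python
"""Constructed model of a labeled table with mandatory access control.

Added example: a simplified stand-in for the label-column approach the text
attributes to Oracle Label Security (OLS). The label syntax, table and rows are
constructed here; this is not OLS's own API or schema.
"""
import sqlite3
from dataclasses import dataclass

# Ordered sensitivity levels for the constructed label scheme (assumption).
LEVELS = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP SECRET": 3}


@dataclass(frozen=True)
class Label:
    """A sensitivity label: one level plus a set of compartments."""
    level: str
    compartments: frozenset

    @classmethod
    def parse(cls, text: str) -> "Label":
        # Constructed textual form: "LEVEL" or "LEVEL:COMP1,COMP2".
        level, _, comps = text.partition(":")
        level = level.strip().upper()
        if level not in LEVELS:
            # Unknown labels fail closed rather than defaulting to open.
            raise ValueError(f"unknown level in label {text!r}")
        parts = frozenset(c.strip().upper() for c in comps.split(",") if c.strip())
        return cls(level, parts)

    def dominates(self, other: "Label") -> bool:
        # Dominance: higher-or-equal level and a superset of compartments.
        return (LEVELS[self.level] >= LEVELS[other.level]
                and other.compartments <= self.compartments)


def build_db() -> sqlite3.Connection:
    """Create an in-memory table whose every row carries a label column."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE reports ("
        " id INTEGER PRIMARY KEY, title TEXT, body TEXT,"
        " row_label TEXT NOT NULL)"  # the per-row 'label column'
    )
    # Constructed sample rows.
    conn.executemany(
        "INSERT INTO reports (title, body, row_label) VALUES (?, ?, ?)",
        [
            ("Weather summary", "Clear skies", "UNCLASSIFIED"),
            ("Logistics plan", "Convoy schedule", "SECRET:A"),
            ("Source report", "Meeting notes", "SECRET:A,B"),
            ("Budget request", "Figures", "TOP SECRET"),
        ],
    )
    # Expose dominance to SQL so the mandatory filter is applied by the query
    # itself, not by application code after the fact. An exception inside the
    # callback makes sqlite fail the whole statement, which is the safe direction.
    conn.create_function(
        "dominates", 2,
        lambda subject, obj: int(Label.parse(subject).dominates(Label.parse(obj))),
    )
    return conn


def read_reports(conn: sqlite3.Connection, clearance: str) -> list:
    """Simple security property (no read up): return only rows the subject dominates."""
    cur = conn.execute(
        "SELECT title FROM reports WHERE dominates(?, row_label) ORDER BY id",
        (clearance,),
    )
    return [row[0] for row in cur]


def write_report(conn, clearance: str, title: str, body: str, row_label: str) -> int:
    """*-property (no write down): the new row's label must dominate the writer's.

    This is the Bell-LaPadula rule; OLS's own write rules use per-user label
    ranges and are not reproduced here.
    """
    if not Label.parse(row_label).dominates(Label.parse(clearance)):
        raise PermissionError(f"{clearance!r} may not write down to {row_label!r}")
    cur = conn.execute(
        "INSERT INTO reports (title, body, row_label) VALUES (?, ?, ?)",
        (title, body, row_label),
    )
    return cur.lastrowid


if __name__ == "__main__":
    db = build_db()
    for clr in ("UNCLASSIFIED", "SECRET:A", "SECRET:B", "TOP SECRET:A,B"):
        print(f"{clr:16} -> {read_reports(db, clr)}")
```

Note what the model does and does not give you: a single table can hold rows at every level and each session sees exactly the subset its clearance dominates, but a SECRET:A session that writes a SECRET:A,B row can no longer read it back. That is the point the text makes about MLS databases: the backend is unified, but a user still cannot process content at several levels in one session.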
There are also several MLS end user applications. One of the best known is the Trusted Network
Environment (TNE) by General Dynamics. TNE is currently accredited and in production, and it
is classified on the UCDMO’s baseline as a Cross Domain Multi-Level system. TNE was originally
created on Trusted Solaris 8, though it has recently been migrated to Solaris 10. It provides a file
manager and email client among other capabilities. The other MLS capability currently on the
UCDMO baseline is called MLChat, and it is a chat server that runs on the XTS-400 operating
system - it was created by the US Naval Research Laboratory. Given that content from users at
different domains passes through the MLChat server, dirty word scanning is employed to
protect classified content, and there has been some debate as to whether this is truly an MLS
system or really a form of cross domain transfer data guard. Mandatory Access Controls are
maintained by a combination of XTS-400 mechanisms and application-specific mechanisms.
MLS applications not currently part of the UCDMO baseline include the Joint Cross Domain
eXchange (JCDX), and several applications from BlueSpace. JCDX is a multi-level command and
control (C2) system developed by the US Navy. Originally built on HP-UX, it was recently
ported to SE Linux by SPAWAR and Accenture. BlueSpace has several MLS applications, including
an MLS email client, an MLS search application and an MLS C2 system. BlueSpace leverages a
middleware strategy to enable its applications to be platform neutral, orchestrating a single
user interface across multiple Windows OS instances (virtualized or remote terminal sessions).
The US Naval Research Laboratory has also implemented a multilevel web application
framework called MLWeb which integrates the Ruby on Rails framework with a multilevel
database based on SQLite3.
Task: State some applications of MLS.
9.4.3 MLS Future
Perhaps the greatest change going on in the multi-level security arena today is the convergence
of MLS with virtualization. An increasing number of trusted operating systems are moving
away from labeling files and processes, and are instead moving towards UNIX containers or
virtual machines. Examples include zones in Solaris 10 Trusted Extensions (TX), and the padded cell
hypervisor in systems such as Green Hills’ INTEGRITY platform, and XenClient XT from Citrix. The High Assurance
Platform from NSA as implemented in General Dynamics’ Trusted Virtualization Environment
(TVE) is another example - it uses SE Linux at its core, and can support MLS applications that span
multiple domains.
Self Assessment
Fill in the blanks:
6. A ……………….. document is one that has been edited to remove information that the
less-cleared individual is not allowed to see.
LOVELY PROFESSIONAL UNIVERSITY 111