Adding security to remote file access is merely a matter of taking the
various security requirements, and the technology presented in chapter
4, and applying them to the particular file access protocol at hand.
One existing example of this is the multi-level secure (MLS) version of
the Network File System presented earlier. It includes discretionary
access control (DAC), subject and object security labeling, mandatory
access control (MAC), authentication, auditing, and documentation.
NFS provides authentication in a range of ways, and by extending the
credentials required, one can provide multiple levels of access. For
example, MLS adds:
- audit id - immutable subject (user) identifier,
  not affected by modifications to either the real
  or effective user or group identifiers,
- sensitivity label - used with a MAC policy; a subject
  generally has a static, top-level clearance,
  but is permitted to execute processes at a sensitivity level
  different from (i.e. lower than) his/her actual clearance,
- information label - used with a CMW dual level
  labeling policy; dynamically adjusted based upon
  the information content associated with the subject
  (or object),
- integrity label - used with commercial, multi-party
  security policy (e.g., Clark-Wilson),
- privilege mask - used to identify privileges
  (e.g., chown, chmod) or "rights" granted to a
  given subject, generally to override an existing
  security policy,
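
The following sketch is an added illustration, not code from MLS NFS: it shows how a server might use the credential fields listed above to decide a read request. The struct layout, the level-plus-compartments label encoding, the PRIV_MAC_READ bit and the lattice-style dominance check are all assumptions made for the example.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed label encoding: hierarchical level plus compartment bitmask. */
struct label { uint8_t level; uint32_t compartments; };

/* Hypothetical extended credential carrying the MLS fields listed above. */
struct mls_cred {
    uint32_t uid, gid;        /* ordinary identity, may change (e.g. setuid) */
    uint32_t audit_id;        /* set once at login, never rewritten          */
    struct label clearance;   /* subject's static top-level clearance        */
    struct label sensitivity; /* level this process runs at (MAC)            */
    struct label information; /* floats with the data actually read          */
    uint8_t integrity;        /* integrity label, carried but not checked here */
    uint32_t privileges;      /* privilege mask                              */
};

#define PRIV_MAC_READ 0x1u    /* assumed bit: override the MAC read check */

struct audit_rec { uint32_t audit_id; bool allowed; };

/* a dominates b: level at least as high, compartments a superset. */
static bool dominates(struct label a, struct label b) {
    return a.level >= b.level &&
           (a.compartments & b.compartments) == b.compartments;
}

/* Server-side read decision for an object carrying sensitivity label obj. */
struct audit_rec mls_read(struct mls_cred *c, struct label obj) {
    struct audit_rec r = { c->audit_id, false };
    if (!dominates(c->clearance, c->sensitivity))
        return r;             /* process claims more than its clearance */
    if (!dominates(c->sensitivity, obj) && !(c->privileges & PRIV_MAC_READ))
        return r;             /* MAC denies and no privilege overrides  */
    if (obj.level > c->information.level)
        c->information.level = obj.level;
    c->information.compartments |= obj.compartments; /* label floats up */
    r.allowed = true;
    return r;
}

int main(void) {
    /* Constructed sample: cleared to level 3, running at level 1. */
    struct mls_cred c = { 1001, 100, 77, {3, 0x3}, {1, 0x1}, {0, 0}, 0, 0 };
    struct label secret = { 2, 0x1 };
    printf("read allowed: %d\n", mls_read(&c, secret).allowed);
    return 0;
}
```

The audit record is keyed on audit_id rather than uid, so a decision stays attributable to the same subject even after the real or effective uid changes.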