Implementing Mandatory Network Security in a Policy-flexible System

Ajaya Chitturi
Department of Computer Science
University of Utah, Salt Lake City, UT 84112

Master's Thesis
April/June, 1998


The use of networks is growing continuously, constantly increasing the vulnerability of the computer systems that use them. Current solutions for network security, such as firewalls, cannot support sophisticated trust relationships with external entities and lack a comprehensive approach to security. Research in security has shown the usefulness of mandatory security mechanisms for supporting sophisticated trust relationships and secure endpoints in addition to secure communication channels. Other efforts at incorporating mandatory security mechanisms into the network stack have a limited notion of access control policies. This work deals with the design and implementation of a more comprehensive and flexible network security architecture that enforces a mandatory access control policy on network-related operations and a mandatory cryptographic policy on network traffic.

The implementation involves modifying the FreeBSD TCP/IP stack within the Flask secure operating system. Access control decisions are made in a policy-flexible manner by consulting a security server and security attributes are interpreted only by the security server. The access control design maps access control requirements to checks made at different layers in the network stack according to the functionality provided by the layer. This approach has several advantages, which include less time spent on illegal packets and the ability to specify policy in a fine-grain manner. Network cryptographic protection is provided using the IPsec protocol for cryptographic support and the ISAKMP protocol for key management.

Full thesis.