Research Article Open Access

A Design of MAC Model Based on the Separation of Duties and Data Coloring: DSDC-MAC

Soon-Book Lee1, Yoo-Hwan Kim2, Jin-Woo Kim1 and Chee-Yang Song3
  • 1 ROK Navy, Korea
  • 2 University of Nevada Las Vegas (UNLV), United States
  • 3 Kyungpook National University, Korea
Journal of Computer Science
Volume 16 No. 1, 2020, 72-91

DOI: https://doi.org/10.3844/jcssp.2020.72.91

Submitted On: 23 October 2019 Published On: 19 January 2020

How to Cite: Lee, S., Kim, Y., Kim, J. & Song, C. (2020). A Design of MAC Model Based on the Separation of Duties and Data Coloring: DSDC-MAC. Journal of Computer Science, 16(1), 72-91. https://doi.org/10.3844/jcssp.2020.72.91

Abstract

Among the access control methods for database security, there is Mandatory Access Control (MAC) model in which the security level is set to both the subject and the object to enhance the security control. Legacy MAC models have focused only on one thing, either confidentiality or integrity. Thus, it can cause collisions between security policies in supporting confidentiality and integrity simultaneously. In addition, they do not provide a granular security class policy of subjects and objects in terms of subjects' roles or tasks. In this paper, we present the security policy of Bell_LaPadula Model (BLP) model and Biba model as one complemented policy. In addition, Duties Separation and Data Coloring (DSDC)-MAC model applying new data coloring security method is proposed to enable granular access control from the viewpoint of Segregation of Duty (SoD). The case study demonstrated that the proposed modeling work maintains the practicality through the design of Human Resources management System. The proposed model in this study is suitable for organizations like military forces or intelligence agencies where confidential information should be carefully handled. Furthermore, this model is expected to protect systems against malicious insiders and improve the confidentiality and integrity of data

  • 605 Views
  • 274 Downloads
  • 0 Citations

Download

Keywords

  • Mandatory Access Control (MAC)
  • SoD-driven Access Control
  • Data Coloring Access Control
  • Security Key Authorization
  • Complemented BLP and Biba Model