Research on an Application Class Communication Security Model on Operating System Security Framework

The classical BLP model is recognized as the theoretical foundation of solving confidentiality problem. Biba model of solving integrity is easily realized in secure computer systems. In order to solve the contradiction between information sharing and security in the application system, a new application class communication security model is constructed theoretically based on the abstraction of application class. The new model introduces integrity rules to measure the trust level of sharing information between different application classes, thus combining BLP model and Biba model with no conflict. A formal description and verification on the model is detailed, which provides both the confidentiality and integrity for the system. With the development of a secure file transfer application system, which is based on the browser/server application pattern, the way to implement the new model in the Linux operating system is described and the performance of the system is discussed.