Laboratory Information Management Systems - Research Proposal Example

THE APPLICATIONOF THE BELL-LAPADULA MODEL FOR LABORATORY INFORMATION MANAGEMENT SYSTEMS By Your here A DISSERTATION Submitted to The University of In partial fulfillment of the requirements for the degree of MASTER OF SCIENCE 07/07/ 2007 ABSTRACT This is a research conducted by investigating the possible practical applications of the Bell-Lapadula model in library information management systems (LIMS). The main aim of modern security research is to facilitate the construction of multilevel secure systems, which can protect information of differing classification from users that have varying levels of clearance. Since publication, the Bell-LaPadula model has helped in the advancement of science and technology by providing a mathematical basis for the examination of laboratory security. Moreover, this model has been major component of having a disciplined approach to the building of effective and secure laboratory systems. DECLARATION I hereby certify that this dissertation constitutes my own product, that where the language of others is set forth, quotation marks so indicate, and that appropriate credit is given where I have used the language, ideas, expressions, or writings of another. I declare that the dissertation describes original work that has not previously been presented for the award of any other degree of any institution. Signed, Your-name-here ACKNOWLEDGEMENTS TABLE OF CONTENTS Page LIST OF TABLES 7 LIST OF FIGURES 8 Chapter 1. Introduction 9 Chapter 2. Background and review of literature 15 Chapter 3. Theory 16 Chapter 4. Analysis and Design 17 Chapter 5. Methods and Realization 18 Chapter 6. Results and Evaluation 19 Chapter 7. Conclusions 20 REFRENCES 21 LIST OF TABLES Page LIST OF FIGURES Page Chapter 1. Introduction The objective of this research is to ascertain the ways in which the bell-lapadula model can be applied to Laboratory Information Management Systems. Laboratory automation occurs when the application of technology is used to reduce the need for human intervention in the laboratory. This makes it possible for scientists to explore data rates that otherwise may be too fast or too slow for proper scientific examination. In recent years, the Bell-LaPadula model has been employed more and more in scientific laboratories, and has also dominated efforts to build secure computer systems for laboratory use. Since publication, the Bell-LaPadula model has helped in the advancement of science and technology by providing a mathematical basis for the examination of laboratory security. Moreover, this model is a major component of having a disciplined approach to building secure and effective laboratory systems. The Bell-LaPadula model can also be used to abstractly describe the computer security system in the laboratory, without regard to the system's application. The goal of modern security research is to facilitate the construction of multilevel secure systems, which can protect information of differing classification from users that have varying levels of clearance. There are some deficiencies inherent in the Bell and LaPadula model, and there have been efforts to develop a new approach to defining laboratory security models, on the basis that security models should be derived from specific applications. Scope This dissertation covers the applicability of the bell-lapadula model in Laboratory Information Management Systems, and the limitations involved in the use of the Bell-LaPadula model, including an absence of policies for changing user access rights. Also to be covered is the relationship that this model has with other existing security policy models available, and the possibility of using the model in other applications where information exposure must be localized, for example in private banking and in the management of intelligence data. Problem Statement The use of the Bell and LaPadula Model has been successful in modeling information that is relevant to security, even though this success might be responsible for the vagueness of the model about its primitives. This vagueness can also be examined with respect to the theory that the Bell and LaPadula Model and Noninterference are equivalent. Laboratory automation makes it possible for scientists to explore data rates that otherwise may be too fast or too slow to properly examine. Therefore, an automated laboratory reduces the need for human intervention and creates a more efficient environment in which human beings and technology can interact to produce a great deal more information and accurate data that was not possible prior to automation. Its approach is to define a set of system constraints whose enforcement will prevent any application program executed on the system from compromising system security. The model includes subjects, which represent active entities in a system (such as active processes), and objects, which represent passive entities (such as files and inactive processes). Both subjects and objects have security levels, and the constraints on the system take the form of axioms that control the kinds of access subjects may have to objects. (http://chacs.nrl.navy.mil/publications/CHACS/2001/2001landwehr-ACSAC.pdf) While the complete formal statement of the Bell-LaPadula model is quite complex, the model can be briefly summarized by these two axioms stated below: (a) The simple security rule, which states that a subject cannot read information for which it is not cleared (i.e. no read up) (b) The property that states that a subject cannot move information from an object with a higher security classification to an object with a lower classification (i.e. no write down). (http://chacs.nrl.navy.mil/publications/CHACS/2001/2001landwehr-ACSAC.pdf) These axioms are meant to be implemented by restriction of access rights that users or processes can have to certain objects like devices and files. The concept of trusted subjects is a less frequently described part of the Bell-LaPadula model. Systems that enforce the axioms of the original Bell-LaPadula model very strictly are often impractical, because in a real system, a user might need to invoke operations that would require subjects to violate the property, even though they do not go against our basic intuitive concept of laboratory security. For instance, there might be need in the laboratory to extract an UNCLASSIFIED paragraph from a CONFIDENTIAL document for use in a document that is UNCLASSIFIED. A system that strictly enforces the properties of the original Bell-LaPadula model might prohibit this kind of operation. As a result, a class of trusted subjects has had to be included in the Bell-LaPadula model, and is trusted not to violate security, although they might violate the property. Laboratory systems that are based on this less restrictive model usually have mechanisms that permit some of the operations that the property would normally not allow. It should also be noted that a number of projects have used the Bell-LaPadula model for description of their security requirements, although strict enforcement of the Bell-LaPadula axioms without the implementation of trusted subjects turns out to be overly restrictive in these projects. Thus, there has been widespread introduction of these trusted processes to implement the concept of trusted subjects. There are also some limitations involved in the use of the Bell-LaPadula model, including an absence of policies for changing user access rights. With this model, there can be secure and complete general downgrade, and is it is intended for systems that have static security levels. The Bell-Lapadula model would be a suitable idea for Laboratory Information Management Systems because the model focuses on data confidentiality and access to classified information, in contrast to some other models that describe rules for data protection and integrity. Clear and concise access rules for clinical information systems spells out by this model. Furthermore, it reflects current best clinical practice, and it's informed by the actual threats to privacy, its objective is to the maximum number of records accessed by any user, and at the same time the number of users who can access any record and this has to do with controlling information flows across rather than down and at the same time a strong notification property should be enforced. I will also discuss its relationship with other existing security policy models available, and the possibility of its usage in other applications where information exposure must be localized, which ranges from private banking to the management of intelligence data, and much more. Another area in which laboratories could benefit by using the Bell-Lapadula model is the multi million dollar drug industry, which requires a high level of security and confidentiality since drug research sensitive, and results or findings in an ongoing research may sometimes need to be kept from unauthorized persons. Approach This research will be conducted by investigating the possible practical applications of the Bell-Lapadula model. This would be conducted and tested physically and objectively. A prototype will be built in order for it to be properly tested, since it is practical. The testing stage will involve programming codes for different levels of security and the objective is to find out if security can be breached at any stage. Outcome Chapter 2. Background and review of literature Related Work Literature Industry Sources Chapter 3. Theory A B Chapter 4. Analysis and Design A B C Chapter 5. Methods and Realization A B C Chapter 6. Results and Evaluation A B C Chapter 7. Conclusions Lessons Learned Future Activity Prospects for Further Work REFRENCES Christine Paszko, Elizabeth Turner, Mary D. Hinton (2001). Laboratory Informa tion Management Systems http://chacs.nrl.navy.mil/publications/CHACS/2001/2001landwehr-ACSAC.pdf APPENDIX Read More