Is Multi Level Security the Answer to Our InfoSec Woes?

2 points by mikewarot 5 years ago

It seems to me that for some reason almost everyone in the tech community doesn't know about Multi Level Security. (AKA Capability Based Security)

Multi-Level Security was developed in the 1970s after there were problems with air traffic control/flight plan data processing issues related to security classification levels during the Viet-Nam war.

Operating Systems that supported Capabilities such as GNOSIS were in operation in the 1970s. Multics was planned to add Capability Object support.

Unix short-circuited history, and for the most part, Capabilities were forgotten, because they were seen as unnecessary and wasteful of resource.

I believe it is time to re-examine these beliefs, and start a push towards widely deploying Multi Level Secure systems.

References:

https://en.wikipedia.org/wiki/Multilevel_security https://en.wikipedia.org/wiki/Bell%E2%80%93LaPadula_model https://en.wikipedia.org/wiki/KeyKOS https://en.wikipedia.org/wiki/Genode http://cap-lore.com/CapTheory/KK/

[Edit: Formatting/Spelling]

mikewarot 5 years ago

I want to know if I'm on the right path, or there is some aspect of this that I'm wildly wrong about.