| 发明名称 |
Integrity mechanism for data transfer in a windowing system |
| 摘要 |
A secure process for untrusted windowing system client programs to transfer data between security domains is mediated by a special trusted client program, the Selection Manager. The mechanism used can be configured to meet the Compartmented Mode Workstation (CMW) requirements capability for regrading cut and paste operations. To meet the CMW cut and paste requirements and to prevent the regrading selection mechanism from acting as a covert channel, the regrading selection mechanism uses dummy window IDs in communicating to the lower level process during a Mandatory Access Control (MAC) upgrade operation, and for all regrading operations, an event is sent to the Selection Manager that causes the Selection Manager to put up a pop-up requesting user confirmation before the transfer is allowed to proceed. This selection mechanism supports configurable regrading selection operations for cutting and pasting (MAC upgrading for all users, MAC downgrading for privileged users, and information label upgrading and downgrading for all users).
|
| 申请公布号 |
US5590266(A) |
申请公布日期 |
1996.12.31 |
| 申请号 |
US19940321644 |
申请日期 |
1994.10.11 |
| 申请人 |
INTERNATIONAL BUSINESS MACHINES CORPORATION |
发明人 |
CARSON, MARK E.;RANGANATHAN, MUDUMBAI;CUGINI, JANET A.;ASAD, KHALID A. |
| 分类号 |
G06F3/14;G06F1/00;G06F3/048;G06F12/14;G06F21/00;G06F21/20;G06F21/24;(IPC1-7):G06F15/00 |
主分类号 |
G06F3/14 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
|
| 地址 |
|
