There has long existed a need for the secure handling of data within computer systems and networks. In the modern information society, it is very easy to distribute and communicate information in electronic form. The ease of communicating information has brought about new difficulties regarding the security and access control of electronic information and data. Various prior art information assurance techniques and systems have been developed that attempt to identify and counteract actual or potential threats to the confidentiality, integrity, and availability of data within systems and networks; however, a number of limitations are inherent in these prior art techniques and systems.
One technique that is currently in practice for securing information is called mandatory access control (MAC). In MAC, a data marker, or label, is associated with an item of data, or object, in electronic storage. The associated label is utilized to provide a representation of an abstract security level for the data object. For example, the associated label may identify the data object as “proprietary” data or as “confidential” data. The associated label may also specify control or compartment specifications and/or release markings. A control or compartment specification may specify compartments that are permitted to access the data. For example, a compartment specification may specify that members of “Project X” are permitted to access the data. A release marking may specify organizations or groups that are permitted to access the data such as, for example, the “Accounting Office,” “Executive Management,” or “Not for Release to Contractors.”
Labels that are associated with a data object are later compared to the security level of a subject when a request for the data is made. The subject is typically a user, a software program, a network station, or another system. The object data is released only when the security level of the subject equals or exceeds that of the object. In other words, the object is only released when the security level of the subject dominates that of the object.
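As an added illustration of the label comparison just described (example code, not part of the original text), the following models a label as a hierarchical level plus compartment and release markings and releases an object only when the subject's clearance dominates it. The level ordering, group names and sample subjects are constructed assumptions.

```python
from dataclasses import dataclass
from typing import FrozenSet

# Hierarchical levels, lowest to highest. Constructed ordering: the text names
# only "proprietary" and "confidential" as illustrative labels.
LEVELS = {"public": 0, "proprietary": 1, "confidential": 2}

@dataclass(frozen=True)
class Label:
    """A MAC label: hierarchical level plus non-hierarchical markings."""
    level: str
    compartments: FrozenSet[str] = frozenset()        # e.g. {"Project X"}
    release_to: FrozenSet[str] = frozenset()          # permitted groups; empty = unrestricted
    not_for_release_to: FrozenSet[str] = frozenset()  # explicitly excluded groups

    def dominates(self, other: "Label") -> bool:
        """Lattice dominance: level >= other's and a superset of its compartments."""
        if self.level not in LEVELS or other.level not in LEVELS:
            raise ValueError("unknown security level")
        return (LEVELS[self.level] >= LEVELS[other.level]
                and self.compartments >= other.compartments)

@dataclass(frozen=True)
class Subject:
    """A requester (user, program, station) with a clearance and group memberships."""
    name: str
    clearance: Label
    groups: FrozenSet[str] = frozenset()

def may_read(subject: Subject, obj: Label) -> bool:
    """Release the object only if the subject dominates it and release markings allow."""
    if not subject.clearance.dominates(obj):
        return False
    if obj.release_to and not (subject.groups & obj.release_to):
        return False
    return not (subject.groups & obj.not_for_release_to)

# Constructed sample object and subjects (not from the text).
REPORT = Label("confidential", frozenset({"Project X"}),
               release_to=frozenset({"Accounting Office", "Executive Management"}),
               not_for_release_to=frozenset({"Contractors"}))
ALICE = Subject("alice", Label("confidential", frozenset({"Project X"})), frozenset({"Accounting Office"}))
BOB = Subject("bob", Label("proprietary", frozenset({"Project X"})), frozenset({"Accounting Office"}))
CAROL = Subject("carol", Label("confidential"), frozenset({"Executive Management"}))
DAVE = Subject("dave", Label("confidential", frozenset({"Project X"})), frozenset({"Executive Management", "Contractors"}))
```

Only ALICE is granted the report: BOB fails on level, CAROL on the missing compartment, and DAVE on the "Not for Release to Contractors" marking.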
Although several information assurance techniques, including MAC, exist for marking data, the practical applicability of current data marking, control, and evaluation techniques is often fraught with technical and organizational problems. Specifically, existing storage and marking techniques are typically specific to a particular operating system and/or software vendor. As a result, object data that is marked utilizing a first marking and evaluation technique cannot be accessed by a system that utilizes a second marking and evaluation technique. In fact, there may exist divergent methods for marking and evaluation within a single operating environment depending on the file storage system and software in use. The combination of multiple operating systems and software packages results in the marking of data objects according to a myriad of techniques that are incompatible with one another.
Additionally, the design, engineering, and implementation of information assurance systems are time-consuming and expensive, largely due to the mapping and integration of their complex capabilities into a comprehensive security approach or policy. The time and cost needed to successfully implement an information assurance system are also affected by the experience and knowledge of the developers and engineers responsible for its development, testing, and deployment. In many cases, the development staff is aware of the core functional requirements of a specific application such as, for example, the means for creating a report using underlying business data; however, the development staff often possesses only rudimentary knowledge regarding the theory and practical application of information assurance techniques. This disconnect often results in ineffective security enforcement within the application, network, or system, which can lead to excessive disclosure of protected information.
Additionally, many existing information assurance products are designed to protect simple file-based access solutions and do not take into account dynamically generated data or information. In other words, the existing systems can protect a stored file but cannot adequately protect data that is dynamically generated in real time.
Additional information assurance challenges exist in the Service Oriented Architectures (SOA) that are rapidly gaining prominence within software developer communities. The methodologies behind SOA depend on numerous self-reliant and independent software capabilities or functions that make themselves available for other services and applications to access, update, and use. These independent services further complicate the information assurance landscape because each service is free to establish its own security methods and policy.
Another obstacle to the development and deployment of information assurance systems is the concern over the performance of the system. Existing architectures and software typically incur a non-trivial impact on overall system performance through the use of software and hardware intended to control access to network and system resources. These systems, which may be referred to as controlled interfaces or guard gateways, perform evaluation of data and labels before finally delivering data to a requesting entity. A controlled interface typically filters data as it is delivered, resulting in a computationally expensive operation that degrades overall system performance.
Accordingly, there is a need for improved systems and methods for the secure control of data within heterogeneous computer systems and networks.