Embed Size (px)
Citation preview
Presented by
Erland JonssonDepartment of Computer Science and Engineering
Advantages: ◦ A subject may not downgrade information
Problems:◦ High users can never talk to low users◦ Only confidentiality◦ Anyone can create an object with a higher
classification◦ ”Float-up” (i.e. down-grade needed)◦ Does not address access control◦ Does not address covert channels
Principle of tranquility – Subjects and objects may not change their security level once they are instantiated
KBM – Swedish Emergency Management Ageny (Krisberedskapsmyndigheten) - Emergency Management / Leading Role[->Myndigheten för Samhällskydd och Beredskap from 2009]
PTS – National Post and Telecom Agency(Post och Telestyrelsen) – IT incidents (CERT)
FMV – Swedish Defence Material Administra-tion (Försvarets Materielverk) - certification
FRA – National Defence Radio Establish-ment (Försvarets Radioanstalt) – crypto certification
