Open Access Book

Building a Secure Computer System

Morrie Gasser
TLDR
This paper aims to clarify the role of encryption in the development of knowledge representation and provides some examples of how the model has changed over time from simple to complex to understandable.
Abstract
machines, 178, 179
Abstract model, 30, 31–32, 105–30. See also Security models
Access class, 52, 112
  dominates relationship between, 53, 122, 183–84
  partial ordering of, 53, 122
  SYSTEM HIGH/SYSTEM LOW, 123, 148
Access control, 22–23, 45–46. See also Multilevel security
  discretionary, 45, 47–50
  input/output, 96–102
  limiting Trojan horses with, 63–64
  mandatory, 45, 50–51
  with memory management, 83–86
  network, 213–15
Access control list (ACL), 49–50
Access list, 48
Access matrix model, 109, 110
  Bell and La Padula model, 123
ACF2 (software), 9
ACL. See Access control list (ACL)
Address. See Virtual address space
Adleman, L., 202
AFFIRM, 167, 168
Akers, R. L., 167
Algebraic specifications, 168
Algorithmic refinement, 178–81
Ames, S. R., Jr., 28, 131
Anderson, J. P., 131
Application mode, 27
Applications programs, 25, 26
Argument validation, 153
Arpanet Reference Model, 196
Ashland, R. E., 9, 51
Assertions, entry and exit, 190–92
Assurance, security control, 31
Asynchronous attack, 153–54
Atomic functions, 115
Authentication. See also Password(s)
  vs. identification, 18–19, 45–46
  provided by encryption, 208
Authentication server, 221
Authorization, 22
Authorization server, 221

Citations
Journal Article

A taxonomy of computer program security flaws

TL;DR: This survey provides a taxonomy for computer program security flaws, with an Appendix that documents 50 actual security flaws that provide a good introduction to the characteristics of security flaws and how they can arise.
Proceedings Article

Going beyond the sandbox: an overview of the new security architecture in the Java™ Development Kit 1.2

TL;DR: This paper describes the new security architecture that has been implemented as part of JDK1.2, the forthcoming Java™ Development Kit, and introduces the concept of protection domain and a few related security primitives that help to make the underlying protection mechanism more robust.
Journal Article

Secrecy by typing in security protocols

TL;DR: These rules have the form of typing rules for a basic concurrent language with cryptographic primitives, the spi calculus, and guarantee that, if a protocol typechecks, then it does not leak its secret inputs.
Report

The flask security architecture: system support for diverse security policies

TL;DR: This paper presents an operating system security architecture that solves the problems of controlling the propagation of access rights, enforcing fine-grained access rights and supporting the revocation of previously granted access rights.
Journal Article

Efficient Byzantine Fault-Tolerance

TL;DR: Two asynchronous Byzantine fault-tolerant state machine replication (BFT) algorithms, which improve previous algorithms in terms of several metrics, and can have better throughput than Castro and Liskov's PBFT, and better latency in networks with nonnegligible communication delays.
References
Journal Article

A method for obtaining digital signatures and public-key cryptosystems

TL;DR: An encryption method is presented with the novel property that publicly revealing an encryption key does not thereby reveal the corresponding decryption key.
Journal Article

An axiomatic basis for computer programming

TL;DR: An attempt is made to explore the logical foundations of computer programming by use of techniques which were first applied in the study of geometry and have later been extended to other branches of mathematics.
Book

Cryptography and data security

TL;DR: The goal of this book is to introduce the mathematical principles of data security and to show how these principles apply to operating systems, database systems, and computer networks.
Journal Article

A note on the confinement problem

TL;DR: A set of examples attempts to stake out the boundaries of the problem by defining a program during its execution so that it cannot transmit information to any other program except its caller.