Proceedings ArticleDOI
Security Policies and Security Models
Joseph A. Goguen,José Meseguer +1 more
- pp 11-11
Reads0
Chats0
TLDR
The reader is familiar with the ubiquity of information in the modern world and is sympathetic with the need for restricting rights to read, add, modify, or delete information in specific contexts.Abstract:
We assune that the reader is familiar with the ubiquity of information in the modern world and is sympathetic with the need for restricting rights to read, add, modify, or delete information in specific contexts. This need is particularly acute for systems having computers as significant components.read more
Citations
More filters
Journal ArticleDOI
Language-based information-flow security
Andrei Sabelfeld,Andrew C. Myers +1 more
TL;DR: A structured view of research on information-flow security is given, particularly focusing on work that uses static program analysis to enforce information- flow policies, and some important open challenges are identified.
Book
Security Engineering: A Guide to Building Dependable Distributed Systems
TL;DR: In almost 600 pages of riveting detail, Ross Anderson warns us not to be seduced by the latest defensive technologies, never to underestimate human ingenuity, and always use common sense in defending valuables.
Journal ArticleDOI
Enforceable security policies
TL;DR: A precise characterization is given for the class of security policies enforceable with mechanisms that work by monitoring system execution, and automata are introduced for specifying exactly that class ofSecurity policies.
Journal ArticleDOI
A sound type system for secure flow analysis
TL;DR: This work forms Denning’s approach as a type system and presents a notion of soundness for the system that can be viewed as a form of noninterference.
Journal ArticleDOI
Lattice-based access control models
TL;DR: A balanced perspective on lattice-based access control models is provided and information flow policies, the military lattice,Access control models, the Bell-LaPadula model, the Biba model and duality, and the Chinese Wall lattice are reviewed.
References
More filters
Journal ArticleDOI
Formal Models of Capability-Based Protection Systems
TL;DR: The role of formal modeling in the study of capability- based protection systems is explained and a survey of several important capability-based models including the Harrison, Ruzzo, Ullman model, the Take-Grant model, and grammatical models are given.
ReportDOI
A Technique for Proving Specifications are Multilevel Secure
TL;DR: A technique for verifying that a design for an operating system or subsystem expressed in terms of a formal specification is consistent with a particular model of multilevel security, which gives assurance that the given design is multileVEL secure by this particular model.
Journal ArticleDOI
On a political pamphlet from the middle ages
TL;DR: In this paper, the authors claim that trying to prove the correctness of programs is a futile effort, and therefore, a bad idea, and give a complete caricature of program verification, suggesting that on the average one line of a program requires 66 lines of formal correctness proof.