发布求助
文献互助 智能选刊 最新文献

Proceedings Seventh Annual Computer Security Applications Conference最新文献

筛选
英文 中文
Proposed security for critical Air Force missions 空军关键任务的拟议安全
Proceedings Seventh Annual Computer Security Applications Conference Pub Date : 1991-12-02 DOI: 10.1109/CSAC.1991.213004
H. Johnson, Chuck Arvin, Earl Jenkinson, B. Pierce
{"title":"Proposed security for critical Air Force missions","authors":"H. Johnson, Chuck Arvin, Earl Jenkinson, B. Pierce","doi":"10.1109/CSAC.1991.213004","DOIUrl":"https://doi.org/10.1109/CSAC.1991.213004","url":null,"abstract":"Air Force missions could be forced to fail by an enemy agent launching a malicious logic attack. These missions must be protected. Because of the imminent, potential danger, a protection approach has been developed that is easily understood and implemented for a minimum cost-because it uses Orange Book methods and mechanisms. The criteria for protection of critical systems are given as the G3 division/class of the Air Force Trusted Critical Computer System Evaluation Criteria (AFTCCSEC).<<ETX>>","PeriodicalId":108621,"journal":{"name":"Proceedings Seventh Annual Computer Security Applications Conference","volume":"20 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1991-12-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116738580","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Fielding multilevel security into command and control systems 在指挥和控制系统中部署多级安全系统
Proceedings Seventh Annual Computer Security Applications Conference Pub Date : 1991-12-02 DOI: 10.1109/CSAC.1991.213005
Daniel Galik, B. Tretick
{"title":"Fielding multilevel security into command and control systems","authors":"Daniel Galik, B. Tretick","doi":"10.1109/CSAC.1991.213005","DOIUrl":"https://doi.org/10.1109/CSAC.1991.213005","url":null,"abstract":"The Joint MLS Technology Insertion Program was established by the Joint Staff J6 in January 1990. A key component of the Joint MLS program is the DoD testbed at Military Airlift command (MAC). Scott Air Force Base (AFB), Illinois. The testbed is addressing critical secure system integration issues associated with expediting the deployment of MLS capabilities and components into operational command and control (C/sup 2/) systems. The paper discusses the activities, successes, and challenges associated with the testbed activities at MAC.<<ETX>>","PeriodicalId":108621,"journal":{"name":"Proceedings Seventh Annual Computer Security Applications Conference","volume":"14 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1991-12-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129678920","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
A prototype B3 trusted X Window System 一个B3可信X窗口系统的原型
Proceedings Seventh Annual Computer Security Applications Conference Pub Date : 1991-12-02 DOI: 10.1109/CSAC.1991.213019
J. Epstein, J. McHugh, Rita Pascale, H. Orman, G. Benson, Charles R. Martin, A. Marmor-Squires, Bonnie P. Danner, M. Branstad
{"title":"A prototype B3 trusted X Window System","authors":"J. Epstein, J. McHugh, Rita Pascale, H. Orman, G. Benson, Charles R. Martin, A. Marmor-Squires, Bonnie P. Danner, M. Branstad","doi":"10.1109/CSAC.1991.213019","DOIUrl":"https://doi.org/10.1109/CSAC.1991.213019","url":null,"abstract":"Multilevel secure windowing systems are a key technology for the 1990s. The authors have spent 20 months designing and implementing a prototype of a multilevel secure X Window System as a proof of concept vehicle for their software engineering process model for the development of trusted systems. The prototype is targeted to B3 evaluation criteria. In the early stages many doubted that B3 was achievable for a windowing system (especially X); the prototype demonstrates that B3 is achievable. The paper describes the goals, the architecture of the system, and some of the trade-offs made to achieve the goals. It also contrasts the work with existing compartmented mode workstations (CMW) windowing systems.<<ETX>>","PeriodicalId":108621,"journal":{"name":"Proceedings Seventh Annual Computer Security Applications Conference","volume":"44 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1991-12-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115578340","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 29
A multilevel secure relational data model based on views 基于视图的多级安全关系数据模型
Proceedings Seventh Annual Computer Security Applications Conference Pub Date : 1991-12-02 DOI: 10.1109/CSAC.1991.213008
G. Pernul, G. Luef
{"title":"A multilevel secure relational data model based on views","authors":"G. Pernul, G. Luef","doi":"10.1109/CSAC.1991.213008","DOIUrl":"https://doi.org/10.1109/CSAC.1991.213008","url":null,"abstract":"In order to overcome certain limitations when applied to relational databases, a data model is introduced that is not fully based on the bell-LaPadula security paradigm. The starting point is a conceptual relational database schema and a set of views, representing user groups and applications. Based on the definition of views, the relations of the conceptual schema are decomposed in a set of disjoint fragments. Fragments and views are the granularity of data to which they provide automated security labeling. In order to keep fragmented databases consistent during database update, they give algorithms useful to keep the integrity. Databases based on this model contain data at a variety of classifications, serve a set of users cleared only to access certain data items and may be implemented by using a general purpose database management system extended by a trusted component supporting mandatory access control.<<ETX>>","PeriodicalId":108621,"journal":{"name":"Proceedings Seventh Annual Computer Security Applications Conference","volume":"17 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1991-12-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126007059","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 7
Security considerations in the acquisition of computer systems 购置计算机系统时的安全考虑
Proceedings Seventh Annual Computer Security Applications Conference Pub Date : 1991-12-02 DOI: 10.1109/CSAC.1991.213002
Captain Charles R. Pierce
{"title":"Security considerations in the acquisition of computer systems","authors":"Captain Charles R. Pierce","doi":"10.1109/CSAC.1991.213002","DOIUrl":"https://doi.org/10.1109/CSAC.1991.213002","url":null,"abstract":"The paper describes Air Force System Security Memorandum (AFSSM) 5024, security considerations in the acquisition of computer systems, and how to go about a multidisciplinary approach for including security in any system development or acquisition. The AFSSM is a handbook for program managers providing guidance on developing security specifications for requests for proposals (RFP), including contract data requirements list (CDRL) and data items descriptions (DID). It also provides the delivery timing of resulting deliverables in the development life cycle. In addition to discussing the document, the paper describes some lessons learned from using the AFSSM's draft versions, the status of its development and its future use.<<ETX>>","PeriodicalId":108621,"journal":{"name":"Proceedings Seventh Annual Computer Security Applications Conference","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1991-12-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128884648","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Security modelling using hierarchical state machines 使用分层状态机的安全建模
Proceedings Seventh Annual Computer Security Applications Conference Pub Date : 1991-12-02 DOI: 10.1109/CSAC.1991.213013
J. Nestor
{"title":"Security modelling using hierarchical state machines","authors":"J. Nestor","doi":"10.1109/CSAC.1991.213013","DOIUrl":"https://doi.org/10.1109/CSAC.1991.213013","url":null,"abstract":"The paper defines a modelling scheme that allows for abstraction to simplify security analysis, while at the same time permitting a full description of detailed system behaviour. The basis for the model is a hierarchy of state machines. The security equivalence of the varying levels of abstraction is proven, thereby demonstrating the validity of the model. Also, practical considerations regarding the application of the model to real systems are presented.<<ETX>>","PeriodicalId":108621,"journal":{"name":"Proceedings Seventh Annual Computer Security Applications Conference","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1991-12-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131094849","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Observations on integrating multilevel secure components into system high distributed systems 多层安全组件集成到系统高分布式系统中的观察
Proceedings Seventh Annual Computer Security Applications Conference Pub Date : 1991-12-02 DOI: 10.1109/CSAC.1991.213001
R. Niemeyer, V. Ashby
{"title":"Observations on integrating multilevel secure components into system high distributed systems","authors":"R. Niemeyer, V. Ashby","doi":"10.1109/CSAC.1991.213001","DOIUrl":"https://doi.org/10.1109/CSAC.1991.213001","url":null,"abstract":"The implementation of distributed systems includes an extensive component integration effort. Integrating secure components into a distributed system is a task more difficult than standard integration. Current system high distributed secure systems will be transitioned to multilevel secure systems as multilevel secure components become available. Considerations and changes that are required for successful integration of these components are discussed. These changes fall into the categories of concept of operations, security policy, and security architecture.<<ETX>>","PeriodicalId":108621,"journal":{"name":"Proceedings Seventh Annual Computer Security Applications Conference","volume":"202 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1991-12-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116076760","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Modeling internal controls of automated teller machine (ATM) systems: A computerized decision aid for design and evaluation 自动柜员机(ATM)系统的内部控制建模:设计和评估的计算机化决策辅助
Proceedings Seventh Annual Computer Security Applications Conference Pub Date : 1991-12-02 DOI: 10.1109/CSAC.1991.213012
Joseph C. Chao, Mahalakshmi Komaravolu, Carol Lin, G. Yiu
{"title":"Modeling internal controls of automated teller machine (ATM) systems: A computerized decision aid for design and evaluation","authors":"Joseph C. Chao, Mahalakshmi Komaravolu, Carol Lin, G. Yiu","doi":"10.1109/CSAC.1991.213012","DOIUrl":"https://doi.org/10.1109/CSAC.1991.213012","url":null,"abstract":"The study identifies and models internal controls of automated teller machine systems used by the banking industry. A reliability model of internal controls of ATM systems using series, parallel, and simple structures is presented. Control items and relationships are justified based on the engineering, computer, and auditing literatures. Use and limitations of this model are also discussed. An ATM case with fixed controls and a related questionnaire has been developed. A computerized decision aid programmed in the PC BASIC language for assisting design and evaluation of the ATM internal control system has been developed and evaluated. To evaluate the modeling effectiveness, a small group of graduate students in the EDP Auditing master program uses the decision aid to evaluate the ATM base by filling out the questionnaire. Computed values are compared with the user-assigned values to examine differences between model results and human judgements.<<ETX>>","PeriodicalId":108621,"journal":{"name":"Proceedings Seventh Annual Computer Security Applications Conference","volume":"47 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1991-12-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116986251","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Network auditing: issues and recommendations 网络审计:问题和建议
Proceedings Seventh Annual Computer Security Applications Conference Pub Date : 1991-12-02 DOI: 10.1109/CSAC.1991.213017
S. I. Schaen, Brian W. McKenney
{"title":"Network auditing: issues and recommendations","authors":"S. I. Schaen, Brian W. McKenney","doi":"10.1109/CSAC.1991.213017","DOIUrl":"https://doi.org/10.1109/CSAC.1991.213017","url":null,"abstract":"Auditing can be used to detect abuse or intrusion into a computer system in some cases or if the abuse or intrusion is discovered by other means, the audit can be used after-the-fact to help determine the amount of damage that has occurred on the system. The deterrent presented by the audit trail is also important. In the past, audit trails have usually been oriented to standalone processors. The paper explores issues present when auditing in a networked environment. The issues are grouped according to: collection and storage, integration, protection and analysis. Some recommendations for further research, development, standards and policy-making initiatives are provided.<<ETX>>","PeriodicalId":108621,"journal":{"name":"Proceedings Seventh Annual Computer Security Applications Conference","volume":"27 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1991-12-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134561504","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 7
A single-level scheduler for the replicated architecture for multilevel-secure databases 用于多级安全数据库的复制体系结构的单级调度器
Proceedings Seventh Annual Computer Security Applications Conference Pub Date : 1991-12-02 DOI: 10.1109/CSAC.1991.213023
J. McDermott, S. Jajodia, R. Sandhu
{"title":"A single-level scheduler for the replicated architecture for multilevel-secure databases","authors":"J. McDermott, S. Jajodia, R. Sandhu","doi":"10.1109/CSAC.1991.213023","DOIUrl":"https://doi.org/10.1109/CSAC.1991.213023","url":null,"abstract":"The replicated architecture for multilevel secure database systems provides security by replicating data into separate untrusted single-level database systems. To be successful, a system using the replicated architecture must have a concurrency and replica control algorithm that does not introduce any covert channels. Jajodia and Kogan (1990) have developed one such algorithm that uses update projections and a write-all replica control algorithm. The authors describe an alternative algorithm. The new algorithm uses replicated transactions and a set of queues organized according to security class. A new definition of correctness is required for this approach, so they present one and use it to show that the algorithm is correct. The existence of this new algorithm increases the viability of the replicated architecture as an alternative to kernelized approaches.<<ETX>>","PeriodicalId":108621,"journal":{"name":"Proceedings Seventh Annual Computer Security Applications Conference","volume":"31 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1991-12-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114355998","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 23
下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信