发布求助
文献互助 智能选刊 最新文献

Proceedings Seventh Annual Computer Security Applications Conference最新文献

筛选
英文 中文
Security constraint processing during the update operation in a multilevel secure database management system 多层安全数据库管理系统更新操作中的安全约束处理
Proceedings Seventh Annual Computer Security Applications Conference Pub Date : 1991-12-02 DOI: 10.1109/CSAC.1991.213021
Marie Collins, W. Ford, B. Thuraisingham
{"title":"Security constraint processing during the update operation in a multilevel secure database management system","authors":"Marie Collins, W. Ford, B. Thuraisingham","doi":"10.1109/CSAC.1991.213021","DOIUrl":"https://doi.org/10.1109/CSAC.1991.213021","url":null,"abstract":"In a multilevel secure database management system (MLS/DBMS), users cleared at different security levels access and share a database consisting of data at different sensitivity levels (also called security levels) to data is one which utilizes security constraints or classification rules. Security constraints provide an effective and versatile classification policy. They can be used to assign security levels to the data depending on the content, context, and time. Security constraints are a special form of integrity constraints enforced in a MLS/DBMS. As such, they can be handled during query processing, during database updates or during database design. The authors describe in detail the design and implementation of a secure update processor which handles security constraints in a multilevel secure database management system.<<ETX>>","PeriodicalId":108621,"journal":{"name":"Proceedings Seventh Annual Computer Security Applications Conference","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1991-12-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129756153","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
Real-time anomaly detection using a nonparametric pattern recognition approach 使用非参数模式识别方法的实时异常检测
Proceedings Seventh Annual Computer Security Applications Conference Pub Date : 1991-12-02 DOI: 10.1109/CSAC.1991.213016
Linda B. Lankewicz, M. Benard
{"title":"Real-time anomaly detection using a nonparametric pattern recognition approach","authors":"Linda B. Lankewicz, M. Benard","doi":"10.1109/CSAC.1991.213016","DOIUrl":"https://doi.org/10.1109/CSAC.1991.213016","url":null,"abstract":"Obstacles to achieving anomaly detection in real time include the large volume of data associated with user behavior and the nature of that data. The paper describes preliminary results from a research project which is developing a new approach to handling such data. The approach involves nonparametric statistical methods which permits considerable data compression and which supports pattern recognition techniques for identifying user behavior. This approach applies these methods to a combination of measurements of resource usage and structural information about the behavior of processes. Preliminary results indicate that both accuracy and real time response can be achieved using these methods.<<ETX>>","PeriodicalId":108621,"journal":{"name":"Proceedings Seventh Annual Computer Security Applications Conference","volume":"20 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1991-12-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134498820","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 31
Towards trusted cut and paste in the X Window System 走向可信的剪切和粘贴在X窗口系统
Proceedings Seventh Annual Computer Security Applications Conference Pub Date : 1991-12-02 DOI: 10.1109/CSAC.1991.213020
J. Picciotto
{"title":"Towards trusted cut and paste in the X Window System","authors":"J. Picciotto","doi":"10.1109/CSAC.1991.213020","DOIUrl":"https://doi.org/10.1109/CSAC.1991.213020","url":null,"abstract":"The X Window System (X) has become one of the most popular window systems available. However, to use X in a trusted environment, a variety of security issues must be addressed. Among these issues is how to mediate interwindow data moves in a manner consistent with a system's security policy. Current interpretations of existing security requirements state that interwindow moves must be subject not only to traditional access controls, but also that users must be able to perform certain operations as the data is being moved (such as review the data, or alter the data's security attributes). The paper presents the issues involved in meeting the security requirements, and describes and contrasts two possible approaches for addressing those issues.<<ETX>>","PeriodicalId":108621,"journal":{"name":"Proceedings Seventh Annual Computer Security Applications Conference","volume":"12 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1991-12-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127339081","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 13
To Bell and back: developing a formal security policy model for a C/sup 2/ system 到Bell和返回:为C/sup /系统开发正式的安全策略模型
Proceedings Seventh Annual Computer Security Applications Conference Pub Date : 1991-12-02 DOI: 10.1109/CSAC.1991.213010
R. A. Gove, Lisa M. Jaworski, John G. Williams
{"title":"To Bell and back: developing a formal security policy model for a C/sup 2/ system","authors":"R. A. Gove, Lisa M. Jaworski, John G. Williams","doi":"10.1109/CSAC.1991.213010","DOIUrl":"https://doi.org/10.1109/CSAC.1991.213010","url":null,"abstract":"The authors describe several interesting aspects of the development of a formal security policy model for a military command and control (C/sup 2/) system. The C/sup 2/ system is being built to meet the B3 division and class of DOD 5200.28 STD. The paper discusses the real world issues involved in developing a useful and accurate model of a very complex security policy. The policy developed for the target application has several interesting features and consequently the model is interesting in several respects. The system has several policy elements that required some novel mathematical approaches. These are explained in detail.<<ETX>>","PeriodicalId":108621,"journal":{"name":"Proceedings Seventh Annual Computer Security Applications Conference","volume":"77 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1991-12-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129213460","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Considerations for applying disk encryptors to environments subject to hostile overrun 将磁盘加密器应用于可能遭受恶意溢出的环境的注意事项
Proceedings Seventh Annual Computer Security Applications Conference Pub Date : 1991-12-02 DOI: 10.1109/CSAC.1991.213003
P. Mallet
{"title":"Considerations for applying disk encryptors to environments subject to hostile overrun","authors":"P. Mallet","doi":"10.1109/CSAC.1991.213003","DOIUrl":"https://doi.org/10.1109/CSAC.1991.213003","url":null,"abstract":"The paper presents a list of considerations for applying a commercial off-the-shelf disk encryptor to an environment where hostile overrun is a significant threat. The considerations include: how the encryption device is configured and interfaced to the workstation, host, or server; encryption key management including key entry, changeover, and quick destruct; and long term off-line storage.<<ETX>>","PeriodicalId":108621,"journal":{"name":"Proceedings Seventh Annual Computer Security Applications Conference","volume":"10 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1991-12-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124480394","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Complete containment sets and their application to the inference problem 完全包容集及其在推理问题中的应用
Proceedings Seventh Annual Computer Security Applications Conference Pub Date : 1991-12-02 DOI: 10.1109/CSAC.1991.213006
B. Weems, Wen-Gong Shieh, M. Jaseemuddin
{"title":"Complete containment sets and their application to the inference problem","authors":"B. Weems, Wen-Gong Shieh, M. Jaseemuddin","doi":"10.1109/CSAC.1991.213006","DOIUrl":"https://doi.org/10.1109/CSAC.1991.213006","url":null,"abstract":"An approach to the inference problem in database security is described. This new approach is based on existing ideas in query containment theory. This theory may be used to generalize query modification, a query answering approach that allows a user to write a query that is beyond his access privileges, but the system will construct a set of similar queries that is within his privileges. This generalization may also be used to approach the inference problem. Examples of formalizing inference problems within the framework of queries are given, along with an algorithm for the detection of inference violations. Finally, suggestions are made for query answering to avoid inferences at several granularities by blocking all answers for a query, component queries, individual tuples, or individual values.<<ETX>>","PeriodicalId":108621,"journal":{"name":"Proceedings Seventh Annual Computer Security Applications Conference","volume":"4 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1991-12-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133368865","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
High level prevention of traffic analysis 高水平预防流量分析
Proceedings Seventh Annual Computer Security Applications Conference Pub Date : 1991-12-02 DOI: 10.1109/CSAC.1991.213014
R. Newman, B. Venkatraman
{"title":"High level prevention of traffic analysis","authors":"R. Newman, B. Venkatraman","doi":"10.1109/CSAC.1991.213014","DOIUrl":"https://doi.org/10.1109/CSAC.1991.213014","url":null,"abstract":"The paper gives a mathematical model for prevention of traffic analysis in network security and suggests an approach for prevention of unauthorized release of information concerning traffic patterns. The model assumes that an eavesdropper may read the contents of all links, including the source and destination, and that all countermeasures are performed at the transport layer. The goal of the countermeasures is to prevent the eavesdropper from gaining any useful information regarding the traffic patterns in a cost efficient and feasible manner. Countermeasures performed at the transport level include encryption a limited form of message rerouting delaying messages and sending dummy messages as needed within resource capacities. By formulating the problem in terms of systems of equalities and systems of inequalities linear programming methods may be used to find solutions to the traffic analysis security problem.<<ETX>>","PeriodicalId":108621,"journal":{"name":"Proceedings Seventh Annual Computer Security Applications Conference","volume":"45 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1991-12-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127060440","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 49
Domain reduction dependencies: A new type of dependency for statistical database security 域缩减依赖项:统计数据库安全的一种新型依赖项
Proceedings Seventh Annual Computer Security Applications Conference Pub Date : 1991-12-02 DOI: 10.1109/CSAC.1991.213007
S. C. Hansen, E. A. Unger
{"title":"Domain reduction dependencies: A new type of dependency for statistical database security","authors":"S. C. Hansen, E. A. Unger","doi":"10.1109/CSAC.1991.213007","DOIUrl":"https://doi.org/10.1109/CSAC.1991.213007","url":null,"abstract":"A new type of data dependency, the domain reduction dependency is defined. Given a set of attributes over which a query is being made, this dependency allows one to more accurately predict the probability of release of sensitive statistics for that query than could have been done with table size alone. In addition, the properties of DRDs provide metainformation on the gain and loss of information within a lattice of queries through the addition or removal of attributes from a query set. This increased formalism on information loss and gain may provide insights which will allow the construction of better techniques for protecting the security of future statistical databases.<<ETX>>","PeriodicalId":108621,"journal":{"name":"Proceedings Seventh Annual Computer Security Applications Conference","volume":"73 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1991-12-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114726661","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
An audit model for object-oriented databases 面向对象数据库的审计模型
Proceedings Seventh Annual Computer Security Applications Conference Pub Date : 1991-12-02 DOI: 10.1109/CSAC.1991.213015
B. Kogan, S. Jajodia
{"title":"An audit model for object-oriented databases","authors":"B. Kogan, S. Jajodia","doi":"10.1109/CSAC.1991.213015","DOIUrl":"https://doi.org/10.1109/CSAC.1991.213015","url":null,"abstract":"Auditing capability is one of the requirements for secure databases. A secure database management system, among other things, has to provide not only facilities for recording the history of all updates and queries against the database but high-level support for querying this history as well. The authors present an audit model for object-oriented databases that satisfies both requirements. The model offers several additional advantages: (1) it imposes a uniform logical structure upon both the current and the audit data: (2) it results in zero-information loss, i.e. there is never any loss of historical or current information in this model; and (3) since it captures the entire database activity, a complete reconstruction of every action taken on the database is possible. They show how this third aspect can be exploited to provide high-level support for expressing audit and other database queries and therefore, they make a complete audit trail methodology available.<<ETX>>","PeriodicalId":108621,"journal":{"name":"Proceedings Seventh Annual Computer Security Applications Conference","volume":"6 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1991-12-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121428349","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 6
Using polyinstantiation to develop an MLS application 使用多实例化开发MLS应用程序
Proceedings Seventh Annual Computer Security Applications Conference Pub Date : 1991-12-02 DOI: 10.1109/CSAC.1991.213022
Doug Nelson, Chip Paradise
{"title":"Using polyinstantiation to develop an MLS application","authors":"Doug Nelson, Chip Paradise","doi":"10.1109/CSAC.1991.213022","DOIUrl":"https://doi.org/10.1109/CSAC.1991.213022","url":null,"abstract":"Polyinstantiation has generated a great deal of controversy in the multilevel secure (MLS) database management system (DBMS) research community, but few practical examples of its usage exist. The paper describes and analyses the planned use of polyinstantiation at the United States Transportation Command Military Airlift Command (USTRANSCOM/MAC), describes several DBMS processing anomalies unique to this approach, and proposes several trusted commercial-off-the-shelf DBMS enhancements to improve the support for polyinstantiated data.<<ETX>>","PeriodicalId":108621,"journal":{"name":"Proceedings Seventh Annual Computer Security Applications Conference","volume":"46 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1991-12-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128898800","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信