发布求助
文献互助 智能选刊 最新文献

Proceedings of 1995 New Security Paradigms Workshop最新文献

筛选
英文 中文
'tsupdood? Repackaged problems for you and MMI [security] “tsupdood ?为您和MMI[安全]重新打包问题
Proceedings of 1995 New Security Paradigms Workshop Pub Date : 1995-08-22 DOI: 10.1109/NSPW.1995.492338
R. Bace, M. Schaefer
{"title":"'tsupdood? Repackaged problems for you and MMI [security]","authors":"R. Bace, M. Schaefer","doi":"10.1109/NSPW.1995.492338","DOIUrl":"https://doi.org/10.1109/NSPW.1995.492338","url":null,"abstract":"Changes in computer usage have significantly changed the so-called computer security, network security and information security problems. The changes are largely due to the rapid proliferation and interconnection of computers and the associated distribution of software. Of concern is the uncontrolled nature of this activity: systems and workstations are often interconnected without notice being given to all of the affected parties. The result has been increased user perception of breaches in \"security\", especially in the form of computer takeover, data destruction, or service denial by virus, worm or trapdoor. It is expected that consciousness of these problems, and of confidentiality compromises, will increase in the coming months. It is posited that a principal cause of the problem is willful promiscuity and a pronounced lack of mutual suspicion. The separation kernel concept is revisited as a potential practical means of improving security protections consistent with preserving the use of legacy systems and of commercial products.","PeriodicalId":111230,"journal":{"name":"Proceedings of 1995 New Security Paradigms Workshop","volume":"2020 17","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1995-08-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132678280","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Pretty good assurance 很好的保证
Proceedings of 1995 New Security Paradigms Workshop Pub Date : 1995-08-01 DOI: 10.1109/NSPW.1995.492347
Jeff Williams, M. Schaefer, Douglas J. Landoll
{"title":"Pretty good assurance","authors":"Jeff Williams, M. Schaefer, Douglas J. Landoll","doi":"10.1109/NSPW.1995.492347","DOIUrl":"https://doi.org/10.1109/NSPW.1995.492347","url":null,"abstract":"This paper describes the need for pretty good assurance: clearly stated claims about the security properties of systems accompanied by evidence that explains in clear terms why we should believe that these claims are substantiated. Several different types of threats are identified and their relationships to assurance are explored. The developer's role in creating on assurance argument is distinguished from the user's role in consuming assurance. Finally, some thoughts on the future are presented.","PeriodicalId":111230,"journal":{"name":"Proceedings of 1995 New Security Paradigms Workshop","volume":"48 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1995-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128961326","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 12
Virtual enterprises and the enterprise security architecture 虚拟企业和企业安全架构
Proceedings of 1995 New Security Paradigms Workshop Pub Date : 1995-08-01 DOI: 10.1109/NSPW.1995.492344
Thomas Haigh
{"title":"Virtual enterprises and the enterprise security architecture","authors":"Thomas Haigh","doi":"10.1109/NSPW.1995.492344","DOIUrl":"https://doi.org/10.1109/NSPW.1995.492344","url":null,"abstract":"The emergence of internetworked systems has given corporations and government agencies the opportunity to share information in unprecedented fashion. This sharing can be distributed across several enterprises. In effect, actual enterprises with shared interests can form virtual enterprises. There are significant security implications in this. An enterprise must not only protect the confidentiality and integrity of its own information; it must also protect the information of the virtual enterprises to which it belongs. We suggest that this can be considered as new security paradigm-the virtual enterprise security paradigm-which has a significant impact on security policy, architecture and mechanisms, and leads to an enterprise security architecture that is consistent with the trend toward client-server systems and is suitable for the emerging, internetworked environments now found in both the government and private sectors. In this paper, we describe the common themes and solution principles that led to this new view of computing and security. We then discuss the policy and architectural issues associated with the paradigm. We finish by drawing some tentative conclusions about the paradigm.","PeriodicalId":111230,"journal":{"name":"Proceedings of 1995 New Security Paradigms Workshop","volume":"16 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1995-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116076084","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
QuARC: expressive security mechanisms QuARC:表达性安全机制
Proceedings of 1995 New Security Paradigms Workshop Pub Date : 1995-08-01 DOI: 10.1109/NSPW.1995.492342
J. Yesberg, Mark S. Anderson
{"title":"QuARC: expressive security mechanisms","authors":"J. Yesberg, Mark S. Anderson","doi":"10.1109/NSPW.1995.492342","DOIUrl":"https://doi.org/10.1109/NSPW.1995.492342","url":null,"abstract":"Security mechanisms in current distributed computer systems only allow a small range of security policies to be implemented. We present the QuARC (Quantitative Authentication, Rule-based roles and Committees) system, which uses some unusual mechanisms that allow it to implement a much wider variety of policies. This allows computer security policies to be much better aligned with organisational policies. The mechanisms discussed are quantitative authentication and vouching, rule-based roles with quantitative privileges, and committees. This paper provides an introduction to these mechanisms and shows how they are used in our system.","PeriodicalId":111230,"journal":{"name":"Proceedings of 1995 New Security Paradigms Workshop","volume":"39 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1995-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127518376","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
Security for infinite networks 无限网络的安全性
Proceedings of 1995 New Security Paradigms Workshop Pub Date : 1995-08-01 DOI: 10.1109/NSPW.1995.492339
R. Nelson, H. H. Hosmer
{"title":"Security for infinite networks","authors":"R. Nelson, H. H. Hosmer","doi":"10.1109/NSPW.1995.492339","DOIUrl":"https://doi.org/10.1109/NSPW.1995.492339","url":null,"abstract":"Although network security theory forbids many connections to large networks as being too risky, the reality is that large numbers of sensitive systems are connected to the Internet and that connectivity is increasing at a rapid rate. Firewalls and host protection mechanisms are used in a somewhat arbitrary fashion, depending more on the availability of products than on a clear understanding of security principles. We need to expand security theory to protect large networks. This paper proposes a new paradigm for security in large networks, based on an understanding of the sometimes conflicting requirements for security, connectivity and functionality. The paradigm, called FICS-IT (Functional, Information, and Connection Security for Information Technology), consists of a philosophy, an approach, a framework and a collection of components. It is based on an understanding of security as risk management and includes: local resource control; multiple, tailored security policies; layered, functional access control; and recognition of heterogeneity in architecture, ownership and policy.","PeriodicalId":111230,"journal":{"name":"Proceedings of 1995 New Security Paradigms Workshop","volume":"26 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1995-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130588213","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Administration in a multiple policy/domain environment: the administration and melding of disparate policies 多策略/域环境中的管理:不同策略的管理和融合
Proceedings of 1995 New Security Paradigms Workshop Pub Date : 1995-08-01 DOI: 10.1109/NSPW.1995.492343
W. Ford
{"title":"Administration in a multiple policy/domain environment: the administration and melding of disparate policies","authors":"W. Ford","doi":"10.1109/NSPW.1995.492343","DOIUrl":"https://doi.org/10.1109/NSPW.1995.492343","url":null,"abstract":"New standards for trusted systems propose multiple security policies and multiple policy domains. My experience with building a multi-policy machine prototype illustrated that multiple policy domains and complex policies push current policy administration techniques, tools and user interfaces beyond their limits. This paper proposes a holistic approach to policy administration, consisting of human-intuitive user interfaces for defining policies, a policy base (a knowledge base focused on the rules and data required to describe the policies to be administered and acted on) for storing them, and intelligent tool programs that allow the administrator to anticipate the impact of policy changes and interactions.","PeriodicalId":111230,"journal":{"name":"Proceedings of 1995 New Security Paradigms Workshop","volume":"13 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1995-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133043842","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Credentials for privacy and interoperation 用于隐私和互操作的凭证
Proceedings of 1995 New Security Paradigms Workshop Pub Date : 1995-08-01 DOI: 10.1109/NSPW.1995.492348
V. Jones, N. Ching, M. Winslett
{"title":"Credentials for privacy and interoperation","authors":"V. Jones, N. Ching, M. Winslett","doi":"10.1109/NSPW.1995.492348","DOIUrl":"https://doi.org/10.1109/NSPW.1995.492348","url":null,"abstract":"We consider the problem of providing secure, private access to applications and data in a world-wide distributed client-server environment such as the Internet of the future. In such a system, the set of potential users of a service may extend far beyond the local community knowable to the application providing the service. Applications will not generally have prior knowledge of the individual making a request upon which an access control decision can be based and furthermore, knowledge of an individual's identity may not be directly useful. We frame our discussion in the context of supporting credentials which are submitted with a request, and propose a list of desiderata for such credentials. We evaluate several well-known proposals for credentials, focusing on issues related to privacy and scalability, and then point out the research issues that remain before such schemes can be deployed in a world-wide environment with strong privacy guarantees.","PeriodicalId":111230,"journal":{"name":"Proceedings of 1995 New Security Paradigms Workshop","volume":"56 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1995-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121694715","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 16
Unhelpfulness as a security policy, or it's about time 作为一种安全策略是没有帮助的,或者是时候了
Proceedings of 1995 New Security Paradigms Workshop Pub Date : 1995-08-01 DOI: 10.1109/NSPW.1995.492341
R. Nelson
{"title":"Unhelpfulness as a security policy, or it's about time","authors":"R. Nelson","doi":"10.1109/NSPW.1995.492341","DOIUrl":"https://doi.org/10.1109/NSPW.1995.492341","url":null,"abstract":"Suggests the possibility of controlling the rate of release of information as well as whether the information can be released at all. If the user must have access to information but does not require fast access to large amounts of data, the system can release the information to that user in a slow and unhelpful manner. The addition of the parameter of time acts as a deterrent to information collectors and intruders; less information is available, and the user must access the system repeatedly and for a longer time to get it. Investigation of the rate of release has led to further understanding of the principle of least privilege. The principle of least privilege has generally been espoused by the computer security community as highly desirable. It has been applied to computer security, but only in limited ways. Consideration of time allows a refinement of the concept and offers the possibility of more flexible and fine-grained control.","PeriodicalId":111230,"journal":{"name":"Proceedings of 1995 New Security Paradigms Workshop","volume":"81 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1995-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133301877","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 6
Research issues in authorization models for hypertext systems 超文本系统授权模型研究
Proceedings of 1995 New Security Paradigms Workshop Pub Date : 1995-08-01 DOI: 10.1109/NSPW.1995.492340
E. Bertino, P. Samarati
{"title":"Research issues in authorization models for hypertext systems","authors":"E. Bertino, P. Samarati","doi":"10.1109/NSPW.1995.492340","DOIUrl":"https://doi.org/10.1109/NSPW.1995.492340","url":null,"abstract":"The proper characteristics of hypertext systems, such as absence of a schema, connections among the different \"chunks\" of information, and the possibility of navigating in the hypertext, make conventional authorization models inadequate for their protection. These characteristics on the one hand raise new protection requirements, thus making the problem of protection much harder; while on the other hand, they provide a flexibility in the specification of authorizations which is greater than in more structured data models. We are currently working on an authorization model for the protection of information in distributed hypertext systems. In this paper, we illustrate the new requirements that arise and discuss some of the issues we are currently investigating.","PeriodicalId":111230,"journal":{"name":"Proceedings of 1995 New Security Paradigms Workshop","volume":"7 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1995-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117047406","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
Applying the dependability paradigm to computer security 将可靠性范例应用于计算机安全
Proceedings of 1995 New Security Paradigms Workshop Pub Date : 1995-08-01 DOI: 10.1109/NSPW.1995.492346
C. Meadows
{"title":"Applying the dependability paradigm to computer security","authors":"C. Meadows","doi":"10.1109/NSPW.1995.492346","DOIUrl":"https://doi.org/10.1109/NSPW.1995.492346","url":null,"abstract":"Dependability is that property of a computer system such that reliance can justifiably be place on the service it delivers. In this paper, we contrast the way different ways faults are handled in the dependability paradigm with the way they are handled in the current paradigms for secure system design. We show how the current security paradigm is generally restricted to a subset of the types of approaches used in dependability, largely concentrating on fault prevention and removal while neglecting fault tolerance and forecasting, and we argue that this paradigm is fast becoming obsolete. We discuss the implications of extending the security paradigm to cover the full range of options covered by dependability. In particular, we develop a rough outline of a fault model for security and show how it could be applied to better our understanding of the place of both fault tolerance and fault forecasting in computer security.","PeriodicalId":111230,"journal":{"name":"Proceedings of 1995 New Security Paradigms Workshop","volume":"108 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1995-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133582918","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 28
下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信