发布求助
文献互助 智能选刊 最新文献

Proceedings. 1988 IEEE Symposium on Security and Privacy最新文献

筛选
英文 中文
A bandwidth computation model for covert storage channels and its applications 隐蔽存储信道的带宽计算模型及其应用
Proceedings. 1988 IEEE Symposium on Security and Privacy Pub Date : 1988-04-18 DOI: 10.1109/SECPRI.1988.8103
Chii-Ren Tsai, V. Gligor
{"title":"A bandwidth computation model for covert storage channels and its applications","authors":"Chii-Ren Tsai, V. Gligor","doi":"10.1109/SECPRI.1988.8103","DOIUrl":"https://doi.org/10.1109/SECPRI.1988.8103","url":null,"abstract":"A Markov model for bandwidth computation and its application to Secure Xenix are presented. The model can be used for computing the bandwidth of both individual channels and aggregated channels (i.e. serial and parallel aggregation). Using this model, a tool has been built and experiments conducted to determine the factors that affect the bandwidth of covert storage channels (noise, scheduling delays, load, etc.). The tool can be used to compute the minimum delays for each channel under various loads and program behavior. Thus, it allows the placement of dynamically adjustable delays in multiprogrammed systems, which guarantees minimum performance impact. >","PeriodicalId":131674,"journal":{"name":"Proceedings. 1988 IEEE Symposium on Security and Privacy","volume":"36 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1988-04-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124927252","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 50
ASDViews (relational databases) ASDViews(关系数据库)
Proceedings. 1988 IEEE Symposium on Security and Privacy Pub Date : 1988-04-18 DOI: 10.1109/SECPRI.1988.8100
Cristi Garvey, A. Wu
{"title":"ASDViews (relational databases)","authors":"Cristi Garvey, A. Wu","doi":"10.1109/SECPRI.1988.8100","DOIUrl":"https://doi.org/10.1109/SECPRI.1988.8100","url":null,"abstract":"A description is given of ASDViews, an implementation of views as the security object in a multilevel secure relational database management system (DBMS) that results in a small trusted computing base (TCB) as required to meet the criteria for evaluation class B2 and above. A general view is the result of a database query. Since most of the code which implements the DBMS is involved in processing the query, most of the DBMS must be trusted. ASDViews is defined using a subset of the relational algebra to restrict the size of the query language available to define a secure view. This approach reduces that part of the TCB required to implement secure views to roughly 1000 lines of code.<<ETX>>","PeriodicalId":131674,"journal":{"name":"Proceedings. 1988 IEEE Symposium on Security and Privacy","volume":"6 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1988-04-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114294941","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 10
A formal specification and verification method for the prevention of denial of service 防止拒绝服务的正式规范和验证方法
Proceedings. 1988 IEEE Symposium on Security and Privacy Pub Date : 1988-04-18 DOI: 10.1109/SECPRI.1988.8111
Chenqiu Yu, V. Gligor
{"title":"A formal specification and verification method for the prevention of denial of service","authors":"Chenqiu Yu, V. Gligor","doi":"10.1109/SECPRI.1988.8111","DOIUrl":"https://doi.org/10.1109/SECPRI.1988.8111","url":null,"abstract":"The authors present a formal specification and verification method for the prevention of denial of service in absence of failures and integrity violations. They introduce the notion of user agreements and argue that lack of specifications for these agreements and for simultaneity conditions makes it impossible to demonstrate denial-of-service prevention, in spite of demonstrably fair service access. The authors illustrate the use of this method with two examples and explain why current methods for specification and verification of safety and liveness properties of concurrent programs have been unable to handle this problem. The proposed specification and verification method is meant to augment current methods for secure system design.<<ETX>>","PeriodicalId":131674,"journal":{"name":"Proceedings. 1988 IEEE Symposium on Security and Privacy","volume":"25 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1988-04-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129216705","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 53
Reasoning about knowledge in multilevel secure distributed systems 多层安全分布式系统中的知识推理
Proceedings. 1988 IEEE Symposium on Security and Privacy Pub Date : 1988-04-18 DOI: 10.1109/SECPRI.1988.8104
J. Glasgow, G. MacEwen
{"title":"Reasoning about knowledge in multilevel secure distributed systems","authors":"J. Glasgow, G. MacEwen","doi":"10.1109/SECPRI.1988.8104","DOIUrl":"https://doi.org/10.1109/SECPRI.1988.8104","url":null,"abstract":"A method for reasoning about knowledge in multilevel secure distributed systems is introduced. This method, based on a behavioral semantics for operator nets, can be used to specify a variety of security properties such as nondisclosure, integrity, and authority systems. The major attributes of the method are the intuitive nature of the specifications and the expressibility of the model, which allows statements about temporal properties and deductive capabilities of processes.<<ETX>>","PeriodicalId":131674,"journal":{"name":"Proceedings. 1988 IEEE Symposium on Security and Privacy","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1988-04-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132348596","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 11
Security specifications 安全规范
Proceedings. 1988 IEEE Symposium on Security and Privacy Pub Date : 1988-04-18 DOI: 10.1109/SECPRI.1988.8094
J. Jacob
{"title":"Security specifications","authors":"J. Jacob","doi":"10.1109/SECPRI.1988.8094","DOIUrl":"https://doi.org/10.1109/SECPRI.1988.8094","url":null,"abstract":"A security and specification-oriented semantics for systems is given. The semantic model is derived from that for the trace model of C.A.R. Hoare's (1980) communicating sequential processes and is used to define various security concepts, such as multilevel secure systems, trusted users and integrity. It is indicated how implementations of secure systems can be derived from their specifications.<<ETX>>","PeriodicalId":131674,"journal":{"name":"Proceedings. 1988 IEEE Symposium on Security and Privacy","volume":"59 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1988-04-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123539718","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 74
An axiomatic basis of trust in distributed systems 分布式系统中信任的公理基础
Proceedings. 1988 IEEE Symposium on Security and Privacy Pub Date : 1988-04-18 DOI: 10.1109/SECPRI.1988.8112
P. Rangan
{"title":"An axiomatic basis of trust in distributed systems","authors":"P. Rangan","doi":"10.1109/SECPRI.1988.8112","DOIUrl":"https://doi.org/10.1109/SECPRI.1988.8112","url":null,"abstract":"He introduces basic notions about developing a logic or a theory, and shows that modal logics of belief, with their Kripe-style possible-worlds semantics, are appropriate for basing a theory of trust on. He reviews a modal logic of belief, and constructs a model of the distributed system so that the logic is sound and complete with respect to the model. Any sentences in the logic may then be added to the logic as axioms, and these axiomatic sentences are considered as trust specifications. He presents methods to map a formal trust specification on to mechanisms for its implementation in the distributed system. Trust and security are closely related in distributed systems. It is shown how security specification and verification methods can be integrated into the presented theory of trust. The author analyzes the trusts required in public-key-based secure communication.<<ETX>>","PeriodicalId":131674,"journal":{"name":"Proceedings. 1988 IEEE Symposium on Security and Privacy","volume":"63 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1988-04-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126636539","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 75
A prototype real-time intrusion-detection expert system 实时入侵检测专家系统原型
Proceedings. 1988 IEEE Symposium on Security and Privacy Pub Date : 1988-04-18 DOI: 10.1109/SECPRI.1988.8098
T. Lunt, R. Jagannathan
{"title":"A prototype real-time intrusion-detection expert system","authors":"T. Lunt, R. Jagannathan","doi":"10.1109/SECPRI.1988.8098","DOIUrl":"https://doi.org/10.1109/SECPRI.1988.8098","url":null,"abstract":"The design and implementation of a prototype intrusion-detection expert system (IDES) are described. IDES is based on the concept that an intrusion manifests itself as a departure from expected behavior for a user. The prototype monitors users on a remote system, using audit records that characterize their activities. It adaptively learns the normal behavior of each user and detects and reports anomalous user behavior in real time.<<ETX>>","PeriodicalId":131674,"journal":{"name":"Proceedings. 1988 IEEE Symposium on Security and Privacy","volume":"66 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1988-04-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123371474","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 199
Using mandatory integrity to enforce 'commercial' security 使用强制完整性来执行“商业”安全
Proceedings. 1988 IEEE Symposium on Security and Privacy Pub Date : 1988-04-18 DOI: 10.1109/SECPRI.1988.8106
Theodore M. P. Lee
{"title":"Using mandatory integrity to enforce 'commercial' security","authors":"Theodore M. P. Lee","doi":"10.1109/SECPRI.1988.8106","DOIUrl":"https://doi.org/10.1109/SECPRI.1988.8106","url":null,"abstract":"Government research, development, and standardization efforts in computer security have been repeatedly criticized as not being applicable to the commercial world. In particular, they have been criticized as not being able to support the kinds of security policies, such as separation of duties and well-formed transactions, used by the financial and other communities to control unauthorized changes to or falsification of information. It is shown two natural extensions-integrity categories and partially trusted subjects-of the principles of current US Department of Defense computer security standards could be used to implement such commercial security policies in a way that exploits the fundamental strengths of existing or future trusted systems.<<ETX>>","PeriodicalId":131674,"journal":{"name":"Proceedings. 1988 IEEE Symposium on Security and Privacy","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1988-04-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129275054","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 103
Views as the security objects in a multilevel secure relational database management system 视图是多级安全关系数据库管理系统中的安全对象
Proceedings. 1988 IEEE Symposium on Security and Privacy Pub Date : 1988-04-18 DOI: 10.1109/SECPRI.1988.8099
Jackson Wilson
{"title":"Views as the security objects in a multilevel secure relational database management system","authors":"Jackson Wilson","doi":"10.1109/SECPRI.1988.8099","DOIUrl":"https://doi.org/10.1109/SECPRI.1988.8099","url":null,"abstract":"A mandatory security policy for a multilevel secure relational DBMS using views as the security objects is presented. The advantages and disadvantages of this approach are examined. A method of ensuring the completeness and consistency of the set of secure views is described, as well as an approach to implementing views as the security objects.<<ETX>>","PeriodicalId":131674,"journal":{"name":"Proceedings. 1988 IEEE Symposium on Security and Privacy","volume":"350 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1988-04-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115895542","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 21
Controlling logical inference in multilevel database systems 多层数据库系统逻辑推理控制
Proceedings. 1988 IEEE Symposium on Security and Privacy Pub Date : 1988-04-18 DOI: 10.1109/SECPRI.1988.8116
M. Morgenstern
{"title":"Controlling logical inference in multilevel database systems","authors":"M. Morgenstern","doi":"10.1109/SECPRI.1988.8116","DOIUrl":"https://doi.org/10.1109/SECPRI.1988.8116","url":null,"abstract":"The potential for logical inference of high-level information based on lower-level visible data presents a threat to multilevel security. The author proposes a framework for studying these inference control problems, describes a representation for relevant semantics of the application, develops criteria for safety and security of a system to prevent these problems, and describes the functionality of the proposed classification tool in terms of a scenario for its use.<<ETX>>","PeriodicalId":131674,"journal":{"name":"Proceedings. 1988 IEEE Symposium on Security and Privacy","volume":"7 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1988-04-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123144079","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 98
下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信