{"title":"The security policy of the secure distributed operating system prototype","authors":"Norman Proctor, R. Wong","doi":"10.1109/CSAC.1989.81034","DOIUrl":"https://doi.org/10.1109/CSAC.1989.81034","url":null,"abstract":"The experimental secure distributed operating system (SDOS) is described. It uses a composable property as its mandatory security policy. The security policy includes a fine granularity of discretionary access control immune to Trojan horse attacks. The high degree of assurance that composability makes practical and the richness of the discretionary controls lead SDOS to use balanced assurance. In balanced assurance, the assurance measures are fitted to the portion of the security policy whose enforcement is being assured. Like the Cronus distributed computing environment from which it is derived, SDOS uses an object model with abstract operations on various types of system objects and permits an application to extend the paradigm to new types of application objects with new operations. The SDOS security policy and enforcement can likewise be extended for an application's security policy and enforcement.","PeriodicalId":284420,"journal":{"name":"[1989 Proceedings] Fifth Annual Computer Security Applications Conference","volume":"84 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1989-12-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126205725","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Evaluation issues for an integrated 'INFOSEC' product","authors":"F. Mayer, W. Barker, T. Haley, J. McAuliffe, D. Sterne, Lynne S. Vidmar","doi":"10.1109/CSAC.1989.81061","DOIUrl":"https://doi.org/10.1109/CSAC.1989.81061","url":null,"abstract":"In recent years it has been recognized that the protection of classified and sensitive information in a distributed, automated processing environment requires a total 'information security' (INFOSEC) solution, combining both communications and computer security technologies into an integrated security solution. While the need for INFOSEC solutions is clearly recognized, the commercial availability of true INFOSEC products is extremely limited or non-existent. The authors discuss the evaluation issues involved in an effort to take evaluated COMSEC technology and evaluated trusted system technology, and integrate them into an evaluatable INFOSEC product.","PeriodicalId":284420,"journal":{"name":"[1989 Proceedings] Fifth Annual Computer Security Applications Conference","volume":"7 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1989-12-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128580156","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"The trusted server approach to multilevel security","authors":"T. Hinke","doi":"10.1109/CSAC.1989.81074","DOIUrl":"https://doi.org/10.1109/CSAC.1989.81074","url":null,"abstract":"Suggests the trusted server as a means of injecting multilevel security into applications such as command control and intelligence systems. It presents an example trusted database server and a trusted gateway server. A taxonomy is presented for gateway servers. Finally, the paper argues that the trusted server is a gap filler, in that it can off load much of the security design, maintenance and distribution complexity from client systems by permitting lower evaluation level clients to be used with the trusted server bearing much of the cost of multilevel security.","PeriodicalId":284420,"journal":{"name":"[1989 Proceedings] Fifth Annual Computer Security Applications Conference","volume":"16 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1989-12-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125296898","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A structured risk analysis approach to resolve the data protection and integrity issues for computer-aided acquisition logistics support (CALS)","authors":"R. A. Gove, A. Friedman","doi":"10.1109/CSAC.1989.81012","DOIUrl":"https://doi.org/10.1109/CSAC.1989.81012","url":null,"abstract":"A structured risk analysis approach that is intended to result in cost-effective data protection and integrity service throughout CALS is described. The structured risk analysis approach would: identify CALS assets; determine threats to CALS data; ascertain CALS vulnerabilities; identify potential risks; use the risk and vulnerability assessment as a baseline for protection and integrity identifying the required services; define a generic lattice-ordered set of security labels for unclassified data that will encompass the CALS requirements; develop the specific protocols to implement the architecture; and implement the protocol in a test bed and then conduct security and operational testing.","PeriodicalId":284420,"journal":{"name":"[1989 Proceedings] Fifth Annual Computer Security Applications Conference","volume":"128 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1989-12-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127076176","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Two new efficient cryptosystems based on Rabin's scheme: alternatives to RSA cryptosystem","authors":"L. Harn, T. Kiesler","doi":"10.1109/CSAC.1989.81060","DOIUrl":"https://doi.org/10.1109/CSAC.1989.81060","url":null,"abstract":"Proposes two distinct cryptosystems based on Rabin's scheme. The first incorporates coding theory and provides encryption only. The second provides simultaneously both private encryption and digital signature for network users. In the cases where the second scheme provides only encryption or only digital signature, the scheme provides that the bit ratio between plaintext and ciphertext is 1:1, i.e. equivalent to that of the RSA scheme.","PeriodicalId":284420,"journal":{"name":"[1989 Proceedings] Fifth Annual Computer Security Applications Conference","volume":"47 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1989-12-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130868754","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Security issues and Ada runtime support","authors":"L. J. Harrison","doi":"10.1109/CSAC.1989.81049","DOIUrl":"https://doi.org/10.1109/CSAC.1989.81049","url":null,"abstract":"This paper reports on an investigation of the security issues related to Ada runtime support. First, the need to use Ada features requiring runtime support is motivated. The paper then describes how the Ada runtime library in the development environment is transformed to become the Ada runtime system in the operational environment. Key security requirements, such as protection of the runtime library in the development environment, and design of a security architecture in the operational environment are examined. The paper concludes that further research is required along with the actual development of trusted Ada runtime systems.","PeriodicalId":284420,"journal":{"name":"[1989 Proceedings] Fifth Annual Computer Security Applications Conference","volume":"89 10 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1989-12-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116303846","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Auditing: a relevant contribution to trusted database management systems","authors":"M. Schaefer, B. Hubbard, D. Sterne, T. Haley, J. McAuliffe, D. Wolcott","doi":"10.1109/CSAC.1989.81055","DOIUrl":"https://doi.org/10.1109/CSAC.1989.81055","url":null,"abstract":"Summary form only given. An ongoing study of audit issues in the context of trusted database management systems (TDBMSs) is discussed. The study consists of a survey of the state of the art, an analysis of issues raised, and an assessment of future relevant research. The scope of the study is broad, and includes a variety of security policies and TDBMS architectures intended for commercial and defense applications. Issues of interest have included those associated with capture, storage, protection, reduction, and analysis of audit data. The study is based on extensive interviews with a number of researchers and product development groups and an examination of audit in its historical and trusted systems contexts. The authors have found that little guidance is provided for either what needs to be audited in TDBMS contexts or when, how, or even where audit data should be captured or recorded. They have found that audit objectives and implied requirements may be specific to each application and security policy. It has also been found that surprisingly little attention has been given in practice to the analysis of TDBMS audit data.","PeriodicalId":284420,"journal":{"name":"[1989 Proceedings] Fifth Annual Computer Security Applications Conference","volume":"23 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1989-12-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114597670","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Network authentication tokens","authors":"Russell J. Davis","doi":"10.1109/CSAC.1989.81056","DOIUrl":"https://doi.org/10.1109/CSAC.1989.81056","url":null,"abstract":"Network users may be authenticated by different means and from a variety of locations. Once authenticated, the user's access should be consistent with the strength of the authentication. The author examines one possible method for determining the authentication strength and conveying this information within a distributed network. The approach discussed uses a token composed of a unique user ID and an authentication level. The token is sent along with the request for establishing a remote session. Once the token is received, the remote location determines user access based solely on the authentication token.","PeriodicalId":284420,"journal":{"name":"[1989 Proceedings] Fifth Annual Computer Security Applications Conference","volume":"7 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1989-12-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115079976","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Chinese wall security policy-an aggressive model","authors":"T. Lin","doi":"10.1109/CSAC.1989.81064","DOIUrl":"https://doi.org/10.1109/CSAC.1989.81064","url":null,"abstract":"In Brewer and Nash's Chinese Wall security policy model, there is a very strong implicit assumption that the 'conflict of interest' is an equivalence relation. It is called the BN-axiom. Such an axiom is valid only for some very special circumstances. By modifying their formulation, a modified Brewer and Nash model without BN-axiom is defined. Such a model turns out to be rather 'conservative' in the sense that the Chinese Walls are built within Chinese territory; it is not really a Chinese Wall model. Next, a new formal model is introduced in which Chinese Walls are built right on the boundary of China-an aggressive model for Chinese Wall security policy.","PeriodicalId":284420,"journal":{"name":"[1989 Proceedings] Fifth Annual Computer Security Applications Conference","volume":"48 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1989-12-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129544473","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Developing trusted systems using DOD-STD-2167A","authors":"Terry V. Benzel","doi":"10.1109/CSAC.1989.81048","DOIUrl":"https://doi.org/10.1109/CSAC.1989.81048","url":null,"abstract":"A software development process for developing trusted systems under DOD-STD-2167A is described. The process is based on an approach that integrates trusted computer system evaluation criteria (TCSEC) requirements into the software development process required by DOD-STD-2167A. The process described focuses on development of DOD-STD-2167A data item deliverables, which have been tailored to include TCSEC deliverables. The author describes how these items can be produced in a manner which minimizes the impact on cost and budget, while increasing assurance in the product's trustworthiness.","PeriodicalId":284420,"journal":{"name":"[1989 Proceedings] Fifth Annual Computer Security Applications Conference","volume":"220 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1989-12-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133967256","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}