发布求助
文献互助 智能选刊 最新文献

[1992] Proceedings The Computer Security Foundations Workshop V最新文献

筛选
英文 中文
A classical automata approach to noninterference type problems 无干扰型问题的经典自动机方法
[1992] Proceedings The Computer Security Foundations Workshop V Pub Date : 1992-06-16 DOI: 10.1109/CSFW.1992.236792
I. S. Moskowitz, O. Costich
{"title":"A classical automata approach to noninterference type problems","authors":"I. S. Moskowitz, O. Costich","doi":"10.1109/CSFW.1992.236792","DOIUrl":"https://doi.org/10.1109/CSFW.1992.236792","url":null,"abstract":"Using classical automata theory the authors show how noninterference can be viewed as a relatively simple phenomenon. They also give direction for future work concerning probabilistic security problems using classical automata theory.<<ETX>>","PeriodicalId":350578,"journal":{"name":"[1992] Proceedings The Computer Security Foundations Workshop V","volume":"61 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1992-06-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127226971","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 17
An algebraic approach to non-interference (computer security) 不干扰的代数方法(计算机安全)
[1992] Proceedings The Computer Security Foundations Workshop V Pub Date : 1992-06-16 DOI: 10.1109/CSFW.1992.236789
Sylvan Pinsky
{"title":"An algebraic approach to non-interference (computer security)","authors":"Sylvan Pinsky","doi":"10.1109/CSFW.1992.236789","DOIUrl":"https://doi.org/10.1109/CSFW.1992.236789","url":null,"abstract":"This paper introduces necessary and sufficient conditions for solving the Haigh-Young view-identical problem. A decision procedure, based on properties of the state transition matrix and the function relating states to outputs, is used to establish the equivalence between non-interference and the existence of Haigh-Young view-identical relations on the set of states.<<ETX>>","PeriodicalId":350578,"journal":{"name":"[1992] Proceedings The Computer Security Foundations Workshop V","volume":"26 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1992-06-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115114311","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
An analysis of some delegation protocols for distributed systems 分布式系统委托协议的分析
[1992] Proceedings The Computer Security Foundations Workshop V Pub Date : 1992-06-16 DOI: 10.1109/CSFW.1992.236784
Claudio Calvelli, V. Varadharajan
{"title":"An analysis of some delegation protocols for distributed systems","authors":"Claudio Calvelli, V. Varadharajan","doi":"10.1109/CSFW.1992.236784","DOIUrl":"https://doi.org/10.1109/CSFW.1992.236784","url":null,"abstract":"This papers gives a precise analysis of some of the delegation protocols described by V. Varadharajan et. al. (1991). They analysed the problem of delegation in distributed systems and proposed three delegation protocols-chained, nested and linked-based on different inter-object trust assumptions in the system. They also considered some delegation protocols for the Kerberos authentication system. The authors give an analysis of the chained, nested, and linked delegation protocols using the calculus for access control by M. Abadi et. al. (1991), and analyse the delegation protocols for Kerberos using the belief logic of R. Kaislar and V.D. Gligor (1991).<<ETX>>","PeriodicalId":350578,"journal":{"name":"[1992] Proceedings The Computer Security Foundations Workshop V","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1992-06-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131125511","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 13
Partial belief and probabilistic reasoning in the analysis of secure protocols 安全协议分析中的部分信念与概率推理
[1992] Proceedings The Computer Security Foundations Workshop V Pub Date : 1992-06-16 DOI: 10.1109/CSFW.1992.236785
E. Campbell, R. Safavi-Naini, P. Pleasants
{"title":"Partial belief and probabilistic reasoning in the analysis of secure protocols","authors":"E. Campbell, R. Safavi-Naini, P. Pleasants","doi":"10.1109/CSFW.1992.236785","DOIUrl":"https://doi.org/10.1109/CSFW.1992.236785","url":null,"abstract":"The authors propose an extension of the BAN logic to reason about a secure protocol in a hostile and/or unknown environment. Probabilities, attached to the sentences and rules of the logic, allow them to quantify the beliefs of principals and represent the insecurities and uncertainties of a real life situation. They develop a probabilistic logic and obtain tight lower bounds on the probability of the conclusion which correspond to the minimum trust that can be put on the goal of the protocol. This gives them a powerful tool to model and study the performance of secure protocols. They discuss a probabilistic semantic for BAN logic and apply the results to the Needham-Schroeder protocol. The paper concludes by discussing the merits of these results and mentioning some open problems.<<ETX>>","PeriodicalId":350578,"journal":{"name":"[1992] Proceedings The Computer Security Foundations Workshop V","volume":"03 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1992-06-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127193044","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 30
Realisation of the Bell-LaPadula security policy in an OSI-distributed system using asymmetric and symmetric cryptographic algorithms 使用非对称和对称密码算法实现osi分布式系统中的Bell-LaPadula安全策略
[1992] Proceedings The Computer Security Foundations Workshop V Pub Date : 1992-06-16 DOI: 10.1109/CSFW.1992.236778
J. Verschuren, R. Govaerts, J. Vandewalle
{"title":"Realisation of the Bell-LaPadula security policy in an OSI-distributed system using asymmetric and symmetric cryptographic algorithms","authors":"J. Verschuren, R. Govaerts, J. Vandewalle","doi":"10.1109/CSFW.1992.236778","DOIUrl":"https://doi.org/10.1109/CSFW.1992.236778","url":null,"abstract":"This article discusses a distributed implementation of the Bell-LaPadula security policy model. Implementation of a confidentiality service in the OSIRM is not sufficient for enforcing the Bell-LaPadula model. Also integrity services are necessary. In this article both public key systems (PKSs) as well as symmetric cryptographic systems are considered for the realisation of these security services. By concentrating on the key distribution, no cryptographic algorithms or protocols are excluded on beforehand. It is investigated how key-distributions can be found resulting in a minimum number of keys. Application of PKSs results in a key distribution which requires less keys than key-distributions going with the use of a symmetric system. Moreover, practical or viable key-distributions going with symmetric algorithms turn out to be more sensitive to the disclosure of a secret key than key-distributions going with PKSs. A combination of a PKS and a symmetric system is indicated which does not suffer from the disadvantages going with the use of symmetric systems alone.<<ETX>>","PeriodicalId":350578,"journal":{"name":"[1992] Proceedings The Computer Security Foundations Workshop V","volume":"30 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1992-06-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127421446","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 3
The expressive power of multi-parent creation in monotonic access control models 单调访问控制模型中多父创建的表达能力
[1992] Proceedings The Computer Security Foundations Workshop V Pub Date : 1992-06-16 DOI: 10.1109/CSFW.1992.236780
P. Ammann, R. Lipton, R. Sandhu
{"title":"The expressive power of multi-parent creation in monotonic access control models","authors":"P. Ammann, R. Lipton, R. Sandhu","doi":"10.1109/CSFW.1992.236780","DOIUrl":"https://doi.org/10.1109/CSFW.1992.236780","url":null,"abstract":"Formal demonstration of equivalence or nonequivalence of different security models helps identify the fundamental constructs and principles in such models. The authors demonstrate the nonequivalence of two monotonic access control models that differ only in the creation operation for new subjects and/or objects; in particular, they show that single-parent creation is less expressive than multi-parent creation in monotonic models. The paper also demonstrates that in nonmonotonic models, multi-parent creation can be reduced to single-parent creation, thereby neutralizing the difference in expressive power. The nonequivalence proof is carried out on an abstract access control model, following which the results are interpreted in standard formulations. In particular, they apply the results to demonstrate nonequivalence of the schematic protection model (SPM) and the extended schematic protection model (ESPM). They also show how the results apply to the typed access matrix model (TAM).<<ETX>>","PeriodicalId":350578,"journal":{"name":"[1992] Proceedings The Computer Security Foundations Workshop V","volume":"5 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1992-06-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132944190","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 20
Attribute support for inter-domain use 支持域间使用的属性
[1992] Proceedings The Computer Security Foundations Workshop V Pub Date : 1992-06-16 DOI: 10.1109/CSFW.1992.236777
M. Zurko
{"title":"Attribute support for inter-domain use","authors":"M. Zurko","doi":"10.1109/CSFW.1992.236777","DOIUrl":"https://doi.org/10.1109/CSFW.1992.236777","url":null,"abstract":"This paper describes the user attribute service (UAS), a tool providing the storage and management of application-specific per-user security attributes for applications running in a distributed environment. The UAS provides for the security and integrity of attribute-to-user bindings, as well as the secrecy of those bindings, if the application or user requests it. Four goals of the UAS are support of least privilege, local control and autonomy, instantiation of trust relationships, and psychological acceptability. Mechanisms to group and enable privilege attributes support the least privilege principal at the user request level. Functions are designed to enhance the usability of the UAS within and across domains by attribute holders and security managers.<<ETX>>","PeriodicalId":350578,"journal":{"name":"[1992] Proceedings The Computer Security Foundations Workshop V","volume":"9 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1992-06-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132213991","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Foundations of intrusion detection (computer security) 入侵检测基础(计算机安全)
[1992] Proceedings The Computer Security Foundations Workshop V Pub Date : 1992-06-16 DOI: 10.1109/CSFW.1992.236783
P. Helman, G. Liepins, Wynette Richards
{"title":"Foundations of intrusion detection (computer security)","authors":"P. Helman, G. Liepins, Wynette Richards","doi":"10.1109/CSFW.1992.236783","DOIUrl":"https://doi.org/10.1109/CSFW.1992.236783","url":null,"abstract":"Computer use is modeled as a mixture of two stochastic processes, normal and misuse. Intrusion detection is formally defined as identifying those transactions generated by the misuse process. Bounds for detection performance are derived in terms of the ratios of the densities of the processes at the individual transactions. It is shown that any optimal intrusion detection system must rank transaction suspicion consistently with these ratios. Sparsity of data requires that transactions be grouped into equivalence classes that preserve the order of the true ratio ranking and reduce the number of singleton and unobserved transactions. Results are described that demonstrate that in general this 'singleton reduction' problem is NP-hard.<<ETX>>","PeriodicalId":350578,"journal":{"name":"[1992] Proceedings The Computer Security Foundations Workshop V","volume":"24 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1992-06-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125176475","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 22
Causal security (computer systems) 因果安全(计算机系统)
[1992] Proceedings The Computer Security Foundations Workshop V Pub Date : 1992-06-16 DOI: 10.1109/CSFW.1992.236788
M. Mowbray
{"title":"Causal security (computer systems)","authors":"M. Mowbray","doi":"10.1109/CSFW.1992.236788","DOIUrl":"https://doi.org/10.1109/CSFW.1992.236788","url":null,"abstract":"This paper gives a new definition of security, which takes causal information into account. The new definition can be used to determine the security of nondeterministic concurrent systems for which high-level information may be either input into the system during its operation, or inherent in the original state of the system. It is possible to have systems which are secure under this definition which write to audit before performing each transition. The definition satisfies several useful composition properties, including one which gives it some protection from Trojan horse attacks.<<ETX>>","PeriodicalId":350578,"journal":{"name":"[1992] Proceedings The Computer Security Foundations Workshop V","volume":"89 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1992-06-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114601978","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
A framework for composition of security models 用于组合安全模型的框架
[1992] Proceedings The Computer Security Foundations Workshop V Pub Date : 1992-06-16 DOI: 10.1109/CSFW.1992.236779
J. Landauer, T. Redmond
{"title":"A framework for composition of security models","authors":"J. Landauer, T. Redmond","doi":"10.1109/CSFW.1992.236779","DOIUrl":"https://doi.org/10.1109/CSFW.1992.236779","url":null,"abstract":"The authors present an abstract framework for composing models of system components. The abstract presentation is designed to be applicable to a very wide range of models of computation. They introduce a restricted model of computation and develop techniques that are useful for composing security models for modular systems. They include a small example of a composed security model.<<ETX>>","PeriodicalId":350578,"journal":{"name":"[1992] Proceedings The Computer Security Foundations Workshop V","volume":"24 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1992-06-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126982274","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信