Proceedings 1995 IEEE Symposium on Security and Privacy: Latest Papers

Version pool management in a multilevel secure multiversion transaction manager
Proceedings 1995 IEEE Symposium on Security and Privacy. Pub Date: 1995-05-08. DOI: 10.1109/SECPRI.1995.398931
Andrew Warner, T. Keefe
Abstract: The paper presents initial results of an ongoing project to develop an experimental prototype of a multilevel secure (MLS) database system (DBS) based upon a multiversion scheduling protocol. The purpose of the project is to explore design alternatives and demonstrate feasibility. The work focuses on the mechanisms needed to provide efficient access to multiple versions of data as required by the protocol. With this protocol, strictly dominating transactions are serialized before active dominated transactions to avoid contention. These dominating transactions require access to old snapshots. The purpose of this work is to characterize the storage and access cost associated with the approach. We describe a prototype featuring an untrusted version pool mechanism to study this question. An analytical model is developed to predict storage and search costs. The analytical model is validated through measurements made on the prototype.
Citations: 7
Formal methods in the THETA kernel
Proceedings 1995 IEEE Symposium on Security and Privacy. Pub Date: 1995-05-08. DOI: 10.1109/SECPRI.1995.398925
Mike Seager, D. Guaspari, M. Stillerman, C. Marceau
Abstract: THETA is a secure distributed operating system designed to run on a variety of hardware platforms. We are currently undertaking an effort to formally specify and implement a new THETA kernel to improve its security properties and to increase its portability. We used a number of "formal methods" tools in developing the specification and analyzing its implementation. The report presents an overview of the THETA kernel architecture, then discusses the methods and tools that we used to develop it. We include a critique of the tools and a discussion of the relative merits of using Ada and C to implement complex secure systems.
Citations: 2
Supporting security requirements in multilevel real-time databases
Proceedings 1995 IEEE Symposium on Security and Privacy. Pub Date: 1995-05-08. DOI: 10.1109/SECPRI.1995.398933
R. David, S. Son, R. Mukkamala
Abstract: Database systems for real-time applications must satisfy timing constraints associated with transactions, in addition to maintaining data consistency. In addition to real-time requirements, security is usually required in many applications. Multilevel security requirements introduce a new dimension to transaction processing in real-time database systems. We argue that due to the conflicting goals of each requirement, trade-offs need to be made between security and timeliness. We first define capacity, a measure of the degree to which security is being satisfied by a system. A secure two-phase locking protocol is then described and a scheme is proposed to allow partial violations of security for improved timeliness. The capacity of the resultant covert channel is derived and a feedback control scheme is proposed that does not allow the capacity to exceed a specified upper bound.
Citations: 37
Cryptographic credit control in pre-payment metering systems
Proceedings 1995 IEEE Symposium on Security and Privacy. Pub Date: 1995-05-08. DOI: 10.1109/SECPRI.1995.398919
Ross J. Anderson, S. J. Bezuidenhoudt
Abstract: We describe the successful introduction of cryptology into a new application area - protecting prepayment electricity meters from token fraud. These meters are used by a number of utilities from Scotland to South Africa, and they present some interesting security challenges.
Citations: 15
Practical Domain and Type Enforcement for UNIX
Proceedings 1995 IEEE Symposium on Security and Privacy. Pub Date: 1995-05-08. DOI: 10.1109/SECPRI.1995.398923
L. Badger, D. Sterne, D. L. Sherman, K. M. Walker, Sheila A. Haghighat
Abstract: Type enforcement is a table-oriented mandatory access control mechanism well-suited for confining applications and restricting information flows. Although both flexible and strong, type enforcement alone imposes significant administrative costs and has not been widely adopted. Domain and Type Enforcement (DTE) is an enhanced version of type enforcement designed to provide needed simplicity and compatibility. Two primary techniques distinguish DTE from simple type enforcement: DTE policies are expressed in a high-level language that includes file security attribute associations as well as other access control information; and during system execution, DTE file security attributes are maintained using a concise human-readable format in a runtime DTE policy database, thus removing the need for security-specific low-level data formats. Such formats are a major source of incompatibility for security-enhanced systems. A DTE UNIX prototype system has been implemented to evaluate these primary DTE concepts. This paper presents experiences gained and preliminary results indicating that DTE can provide cost effective security increases to UNIX systems while maintaining a high degree of compatibility with existing programs and media.
Citations: 206
An architecture for covert channel control in realtime networks and multiprocessors
Proceedings 1995 IEEE Symposium on Security and Privacy. Pub Date: 1995-05-08. DOI: 10.1109/SECPRI.1995.398930
R. Browne
Abstract: The paper discusses a system architecture for controlling covert channels in multilevel real-time networks and multiprocessor systems. The concept is derived from a popular (non-secure) real-time architecture I refer to as a foreground/background system. I address the covert channel (confinement) problem in the real-time foreground. Covert channel control within this system architecture rests on two properties: (1) a fairly strong nondisclosure property called "elastic separability"; (2) "systolic", or phase-delayed timing of real-time system input-output with non-preemptive scheduling. The architecture is thus called a "systolic elastically separable" (SES) real-time network. SES networks satisfy a security property called "weak confinement". Total security (called "strong confinement") can be achieved in any SES real-time network by making simple timing adjustments at external interfaces.
Citations: 1
The semantics and expressive power of the MLR data model
Proceedings 1995 IEEE Symposium on Security and Privacy. Pub Date: 1995-05-08. DOI: 10.1109/SECPRI.1995.398928
Fang Chen, R. Sandhu
Abstract: We define the multilevel relational (MLR) data model for multilevel relations with element-level labeling. This model builds upon prior work of numerous authors in this area, and integrates ideas from a number of sources. A new data-based semantics is given to the MLR data model which combines ideas from SeaView, belief-based semantics and LDV model, and has the advantages of both eliminating ambiguity and retaining upward information flow. The resulting model is simple, unambiguous and powerful. It has five integrity properties and five operation statements for manipulating multilevel relations. In order to support this integration, we introduce several new concepts as well as redefine several old ones. The expressive power of the MLR model is also discussed in this paper, and is compared with several other models. We also address some issues in converting the MLR model to tuple-level labeling, including both scheme mapping and operation interpretation.
Citations: 26
CSP and determinism in security modelling
Proceedings 1995 IEEE Symposium on Security and Privacy. Pub Date: 1995-05-08. DOI: 10.1109/SECPRI.1995.398927
A. W. Roscoe
Abstract: We show how a variety of confidentiality properties can be expressed in terms of the abstraction mechanisms that CSP provides. We argue that determinism of the abstracted low-security viewpoint provides the best type of property. By changing the form of abstraction mechanism we are able to model different assumptions about how systems behave, including handling the distinction between input and output actions. A detailed analysis of the nature of nondeterminism shows why certain security properties have had the paradoxical property of not being preserved by refinement - a disadvantage not shared by the determinism-based conditions. Finally we give an efficient algorithm for testing the determinism properties on a model-checker.
Citations: 254
The Interrogator model
Proceedings 1995 IEEE Symposium on Security and Privacy. Pub Date: 1995-05-08. DOI: 10.1109/SECPRI.1995.398937
J. Millen
Abstract: The Interrogator is a protocol security analysis tool implemented in Prolog and based on a communicating-machine message transformation model with message modification threats. It supports a large and extendible class of symbolic encryption and data transformation operators with a novel equation-solving approach in the context of equational theories. The operator representation and equation-solving capability has a simple interface to the protocol and threat model.
Citations: 55
Holding intruders accountable on the Internet
Proceedings 1995 IEEE Symposium on Security and Privacy. Pub Date: 1995-05-08. DOI: 10.1109/SECPRI.1995.398921
Stuart Staniford-Chen, Todd L. Heberlein
Abstract: This paper addresses the problem of tracing intruders who obscure their identity by logging through a chain of multiple machines. After discussing previous approaches to this problem, we introduce thumbprints which are short summaries of the content of a connection. These can be compared to determine whether two connections contain the same text and are therefore likely to be part of the same connection chain. We enumerate the properties a thumbprint needs to have to work in practice, and then define a class of local thumbprints which have the desired properties. A methodology from multivariate statistics called principal component analysis is used to infer the best choice of thumbprinting parameters from data. Currently our thumbprints require 24 bytes per minute per connection. We develop an algorithm to compare these thumbprints which allows for the possibility that data may leak from one time-interval to the next. We present experimental data showing that our scheme works on a local area network.
Citations: 316