{"title":"Specification of Key Distribution Protocols for Networks","authors":"D. Sidhu","doi":"10.1109/SP.1982.10000","DOIUrl":"https://doi.org/10.1109/SP.1982.10000","url":null,"abstract":"Computer communication networks provide means for user-computer, user-user, computer-computer interaction where the two communicating entities may be at remote places. A user at one site has potential access to the resources of all the computers connected through the network. A network-wide and foolproof authentication scheme is needed to allow authorized access to resources and also to prevent spoofing. Such an authentication mechanism is also needed for charging a customer for the use of system resources, remote updating of software, etc.","PeriodicalId":90300,"journal":{"name":"Proceedings. IEEE Symposium on Security and Privacy","volume":"213 1","pages":"90"},"PeriodicalIF":0.0,"publicationDate":"1982-04-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"74427520","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Security Policies and Security Models","authors":"J. Goguen, J. Meseguer","doi":"10.1109/SP.1982.10014","DOIUrl":"https://doi.org/10.1109/SP.1982.10014","url":null,"abstract":"We assume that the reader is familiar with the ubiquity of information in the modern world and is sympathetic with the need for restricting rights to read, add, modify, or delete information in specific contexts. This need is particularly acute for systems having computers as significant components.","PeriodicalId":90300,"journal":{"name":"Proceedings. IEEE Symposium on Security and Privacy","volume":"35 6","pages":"11-20"},"PeriodicalIF":0.0,"publicationDate":"1982-04-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"72567586","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Precise Information Flow Analysis by Program Verification","authors":"C. Landauer, S. D. Crocker","doi":"10.1109/SP.1982.10003","DOIUrl":"https://doi.org/10.1109/SP.1982.10003","url":null,"abstract":"Information flow analysis algorithms for programs typically overestimate the amount of information flow that occurs in a program, since they must account for all paths through the computation graph, whether or not they are actually possible. This is the source of the information flow anomalies, which are simple situations not properly handled by syntactic information flow analysis. This paper introduces an abstract information content function for state machine models of programs, and applies it to the information flow analysis problem, in conjunction with a semantic analysis of functional behavior provided by a program verification system. Our method fits well within the framework of many existing program verification systems, requiring only a small amount of knowledge of set theory. Some of the more common information flow anomalies are shown to be handled correctly by the method.","PeriodicalId":90300,"journal":{"name":"Proceedings. IEEE Symposium on Security and Privacy","volume":"25 1","pages":"74-80"},"PeriodicalIF":0.0,"publicationDate":"1982-04-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"74353346","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A Practical Approach to Identifying Storage and Timing Channels","authors":"R. Kemmerer","doi":"10.1109/SP.1982.10007","DOIUrl":"https://doi.org/10.1109/SP.1982.10007","url":null,"abstract":"Recognizing and dealing with storage and timing channels when performing the security analysis of a computer system is an elusive task. Methods of discovering and dealing with these channels for the most part have been ad hoc, and those that are not are restricted to a particular specification language. This paper outlines a practical methodology for discovering storage and timing channels that can be used through all phases of the software life cycle to increase the assurance that all channels have been identified. The methodology is presented and its application to three different descriptions (English, formal specification, and high order language implementation) is discussed.","PeriodicalId":90300,"journal":{"name":"Proceedings. IEEE Symposium on Security and Privacy","volume":"75 1","pages":"66-73"},"PeriodicalIF":0.0,"publicationDate":"1982-04-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"79948326","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Kernel Isolation for the PDP-11/70","authors":"J. Millen","doi":"10.1109/SP.1982.10004","DOIUrl":"https://doi.org/10.1109/SP.1982.10004","url":null,"abstract":"A security kernel is that part of operating system software responsible for controlling access to files and other resources. This report gives a paradigm for showing that a kernel can protect itself from destruction or tampering by user software, on the basis of the hardware and kernel software properties. An illustrative proof is carried out for DEC PDP-11/70 hardware, with kernel properties that would be typical for this machine.","PeriodicalId":90300,"journal":{"name":"Proceedings. IEEE Symposium on Security and Privacy","volume":"10 1","pages":"57-65"},"PeriodicalIF":0.0,"publicationDate":"1982-04-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"89823370","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A Preliminary Naval Surveillance DBMS Security","authors":"R. Graubart, J. P. Woodward","doi":"10.1109/SP.1982.10021","DOIUrl":"https://doi.org/10.1109/SP.1982.10021","url":null,"abstract":"This paper presents an informal security model for the use of data base management systems supporting Naval surveillance applications. The paper discusses why conventional security models are inadequate for data base needs. Also, the Naval surveillance system environment is described, followed by a description of the model and its application to Naval surveillance systems. The model itself is made up of subjects (the users), objects (the data), operators, and policies. The paper concludes with a discussion of directions for model evolution and the observation that, although designed for a particular class of data base applications, the model is surprisingly general.","PeriodicalId":90300,"journal":{"name":"Proceedings. IEEE Symposium on Security and Privacy","volume":"14 1","pages":"21-37"},"PeriodicalIF":0.0,"publicationDate":"1982-04-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"78935776","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A System Architecture to Support a Verifiably Secure Multilevel Security System","authors":"G. Davida, R. DeMillo, R. Lipton","doi":"10.1109/SP.1980.10007","DOIUrl":"https://doi.org/10.1109/SP.1980.10007","url":null,"abstract":"Technology that allows significant sharing of computer resources carries with it an increased responsibility to protect these resources from unauthorized, malicious, irresponsible, or unintended use or disclosure. The years have seen a progression of increasingly sensitive information made available in increasingly less supervised modes to a variety of users. Commercial users routinely store valuable financial information and conduct cashless transactions electronically. University professors maintain class grading forms and examinations on departmental computers. Government agencies keep extensive databases of sensitive information regarding employees, foreign nationals, U.S. citizens. The military and intelligence communities continue to press for more powerful techniques to enhance their information gathering and processing capabilities. In spite of the clear need for guarantees of security, all practical schemes to protect information stored or manipulated by such systems are either seriously flawed or reduce ultimately to a collection of physical security protocols (see [1] for an overview of the state of the art).","PeriodicalId":90300,"journal":{"name":"Proceedings. IEEE Symposium on Security and Privacy","volume":"11 1","pages":"137-144"},"PeriodicalIF":0.0,"publicationDate":"1980-04-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"89659628","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"One Time Pads Are Key Safeguarding Schemes, Not Cryptosystems Fast Key Safeguarding Schemes (Threshold Schemes) Exist","authors":"G. Blakley","doi":"10.1109/SP.1980.10016","DOIUrl":"https://doi.org/10.1109/SP.1980.10016","url":null,"abstract":"Common sense, David Kahn [KA67] and Gilles Brassard [BR79] all argue that there are no unbreakable cryptosystems. What, then, is to be made of the -- provably [D179a, pp. 399-400] unbreakable -- Vernam one-time pad? The somewhat surprising answer is that it is not a cryptosystem at all, but rather a key safeguarding scheme [BL79] used, as all such schemes can be, in the courier mode. This suggests that proofs of invulnerability of key safeguarding schemes, what A. Shamir [SH79] calls threshold schemes, are as natural as proofs of difficulty of breaking cryptosystems are unnatural (perhaps impossible). Indeed, such an approach sets the Vernam one-time pad securely into context. Both the projective geometric threshold scheme [BL79] and the Lagrange interpolation threshold scheme [SH79] profit from being generalized from the field of integers modulo some prime p to arbitrary Galois fields. In particular, their computer implementations are particularly felicitous in some fields with 2^n elements.","PeriodicalId":90300,"journal":{"name":"Proceedings. IEEE Symposium on Security and Privacy","volume":"531 1","pages":"108-113"},"PeriodicalIF":0.0,"publicationDate":"1980-04-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"76710435","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Multi-Tiered Approach to System Security","authors":"Peppe Barbarino","doi":"10.1109/SP.1980.10004","DOIUrl":"https://doi.org/10.1109/SP.1980.10004","url":null,"abstract":"When a system is designed to process several levels of classified information, a multi-tiered approach to system security is needed. The total security system should be divided into eight areas which cover: Separation of Authority, Personnel Security, Physical Security, Emanation Security, Terminal Security, Operating System Security, File Security, Audit Trail. The purpose of the security system is to ensure that adequate safeguards are infused to protect information through the system's hardware and software design, and by other appropriate administrative, physical and personnel security controls. Because of the sensitive nature of the data being processed, these procedures must be judiciously implemented, carefully managed, regularly reviewed and continuously monitored.","PeriodicalId":90300,"journal":{"name":"Proceedings. IEEE Symposium on Security and Privacy","volume":"38 1","pages":"114-121"},"PeriodicalIF":0.0,"publicationDate":"1980-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"77219782","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}