对关键需求建模的经验

Proceedings of COMPASS'94 - 1994 IEEE 9th Annual Conference on Computer Assurance Pub Date : 1994-06-27 DOI:10.1109/CMPASS.1994.318448

C. Payne, A. Moore, D. Mihelcic

{"title":"对关键需求建模的经验","authors":"C. Payne, A. Moore, D. Mihelcic","doi":"10.1109/CMPASS.1994.318448","DOIUrl":null,"url":null,"abstract":"Previous work at NRL demonstrated the benefits of a security modeling approach for building high assurance systems for particular application domains. This paper introduces an application domain called selective bypass that is prominent in certain network security solutions. We present a parameterized modeling framework for the domain and then instantiate a confidentiality model for a particular application, called the External COMSEC Adaptor (ECA), within the framework. We conclude with lessons we learned from modeling, implementing and verifying the ECA. Our experience supports the use of the application-based security modeling approach for high assurance systems.<<ETX>>","PeriodicalId":137767,"journal":{"name":"Proceedings of COMPASS'94 - 1994 IEEE 9th Annual Conference on Computer Assurance","volume":"22 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1994-06-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"12","resultStr":"{\"title\":\"An experience modeling critical requirements\",\"authors\":\"C. Payne, A. Moore, D. Mihelcic\",\"doi\":\"10.1109/CMPASS.1994.318448\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Previous work at NRL demonstrated the benefits of a security modeling approach for building high assurance systems for particular application domains. This paper introduces an application domain called selective bypass that is prominent in certain network security solutions. We present a parameterized modeling framework for the domain and then instantiate a confidentiality model for a particular application, called the External COMSEC Adaptor (ECA), within the framework. We conclude with lessons we learned from modeling, implementing and verifying the ECA. Our experience supports the use of the application-based security modeling approach for high assurance systems.<<ETX>>\",\"PeriodicalId\":137767,\"journal\":{\"name\":\"Proceedings of COMPASS'94 - 1994 IEEE 9th Annual Conference on Computer Assurance\",\"volume\":\"22 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"1994-06-27\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"12\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of COMPASS'94 - 1994 IEEE 9th Annual Conference on Computer Assurance\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CMPASS.1994.318448\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of COMPASS'94 - 1994 IEEE 9th Annual Conference on Computer Assurance","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CMPASS.1994.318448","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 12

摘要

NRL以前的工作展示了为特定应用领域构建高保证系统的安全建模方法的好处。本文介绍了选择性旁路技术在某些网络安全解决方案中的应用领域。我们为域提供了一个参数化的建模框架，然后在框架内为一个特定的应用程序实例化一个机密性模型，该应用程序称为外部COMSEC适配器(ECA)。最后，我们总结了从ECA建模、实施和验证中学到的经验教训。我们的经验支持对高保证系统使用基于应用程序的安全建模方法。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

An experience modeling critical requirements

Previous work at NRL demonstrated the benefits of a security modeling approach for building high assurance systems for particular application domains. This paper introduces an application domain called selective bypass that is prominent in certain network security solutions. We present a parameterized modeling framework for the domain and then instantiate a confidentiality model for a particular application, called the External COMSEC Adaptor (ECA), within the framework. We conclude with lessons we learned from modeling, implementing and verifying the ECA. Our experience supports the use of the application-based security modeling approach for high assurance systems.<>

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Proceedings of COMPASS'94 - 1994 IEEE 9th Annual Conference on Computer Assurance

自引率

0.00%

发文量