{"title":"分散、不安全系统中资产流控制的通用极限安全模型","authors":"Eckehard Hermann, Rüdiger Grimm","doi":"10.1109/ARES.2013.28","DOIUrl":null,"url":null,"abstract":"Information and knowledge are assets. Therefore, authorization conflicts about information flow are subject to security concerns. The protection of information flow in a decentralized system is an important security objective in the business world. Once information is given away, there is an asymmetric relationship between the owner and the recipient of the information, because the owner has no control over a proper use or misuse by the recipient. The Common Limes Security Model (the Limes model for short) presented in this paper is a substantial extension of a simple model. It provides provable policies for asset (information) flow control. Rule elements are history and conflict functions maintained by the asset owners and protected by contracts between communication partners. If correctly implemented and enforced the rules of the Limes model guarantee the protection of assets from an unauthorized flow. They allow an information object to stay in a secure state in a decentralized, i.e. in an insecure environment. This paper defines the model and proves the security of its rules.","PeriodicalId":302747,"journal":{"name":"2013 International Conference on Availability, Reliability and Security","volume":"122 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-09-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"The Common Limes Security Model for Asset Flow Control in Decentralized, Insecure Systems\",\"authors\":\"Eckehard Hermann, Rüdiger Grimm\",\"doi\":\"10.1109/ARES.2013.28\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Information and knowledge are assets. Therefore, authorization conflicts about information flow are subject to security concerns. The protection of information flow in a decentralized system is an important security objective in the business world. Once information is given away, there is an asymmetric relationship between the owner and the recipient of the information, because the owner has no control over a proper use or misuse by the recipient. The Common Limes Security Model (the Limes model for short) presented in this paper is a substantial extension of a simple model. It provides provable policies for asset (information) flow control. Rule elements are history and conflict functions maintained by the asset owners and protected by contracts between communication partners. If correctly implemented and enforced the rules of the Limes model guarantee the protection of assets from an unauthorized flow. They allow an information object to stay in a secure state in a decentralized, i.e. in an insecure environment. This paper defines the model and proves the security of its rules.\",\"PeriodicalId\":302747,\"journal\":{\"name\":\"2013 International Conference on Availability, Reliability and Security\",\"volume\":\"122 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2013-09-02\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2013 International Conference on Availability, Reliability and Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ARES.2013.28\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2013 International Conference on Availability, Reliability and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ARES.2013.28","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
The Common Limes Security Model for Asset Flow Control in Decentralized, Insecure Systems
Information and knowledge are assets. Therefore, authorization conflicts about information flow are subject to security concerns. The protection of information flow in a decentralized system is an important security objective in the business world. Once information is given away, there is an asymmetric relationship between the owner and the recipient of the information, because the owner has no control over a proper use or misuse by the recipient. The Common Limes Security Model (the Limes model for short) presented in this paper is a substantial extension of a simple model. It provides provable policies for asset (information) flow control. Rule elements are history and conflict functions maintained by the asset owners and protected by contracts between communication partners. If correctly implemented and enforced the rules of the Limes model guarantee the protection of assets from an unauthorized flow. They allow an information object to stay in a secure state in a decentralized, i.e. in an insecure environment. This paper defines the model and proves the security of its rules.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
