{"title":"系统安全理论","authors":"Kan Zhang","doi":"10.1109/CSFW.1997.596805","DOIUrl":null,"url":null,"abstract":"Two independent definitions of system security are given through two distinct aspects of a system execution, i.e. state and transform. These two definitions are proven to be equivalent, which gives both confidence to the soundness of our explanation and insight into the internal causality of information flow. Using this definition of information flow security, a general security model for nondeterministic computer systems is presented. On the one hand, our model is based on information flow, which allows it to explain security semantically in terms of other information flow models. On the other hand, our model imposes concrete constraints on the internal system processes, which facilitates implementation and verification in the fashion of access security models. Our model is also more general than previous state-based information flow models, e.g. allowing for concurrency among system processes, which is more suitable for distributed systems.","PeriodicalId":305235,"journal":{"name":"Proceedings 10th Computer Security Foundations Workshop","volume":"52 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1997-06-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":"{\"title\":\"A theory for system security\",\"authors\":\"Kan Zhang\",\"doi\":\"10.1109/CSFW.1997.596805\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Two independent definitions of system security are given through two distinct aspects of a system execution, i.e. state and transform. These two definitions are proven to be equivalent, which gives both confidence to the soundness of our explanation and insight into the internal causality of information flow. Using this definition of information flow security, a general security model for nondeterministic computer systems is presented. On the one hand, our model is based on information flow, which allows it to explain security semantically in terms of other information flow models. On the other hand, our model imposes concrete constraints on the internal system processes, which facilitates implementation and verification in the fashion of access security models. Our model is also more general than previous state-based information flow models, e.g. allowing for concurrency among system processes, which is more suitable for distributed systems.\",\"PeriodicalId\":305235,\"journal\":{\"name\":\"Proceedings 10th Computer Security Foundations Workshop\",\"volume\":\"52 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"1997-06-10\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"6\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings 10th Computer Security Foundations Workshop\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CSFW.1997.596805\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings 10th Computer Security Foundations Workshop","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CSFW.1997.596805","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Two independent definitions of system security are given through two distinct aspects of a system execution, i.e. state and transform. These two definitions are proven to be equivalent, which gives both confidence to the soundness of our explanation and insight into the internal causality of information flow. Using this definition of information flow security, a general security model for nondeterministic computer systems is presented. On the one hand, our model is based on information flow, which allows it to explain security semantically in terms of other information flow models. On the other hand, our model imposes concrete constraints on the internal system processes, which facilitates implementation and verification in the fashion of access security models. Our model is also more general than previous state-based information flow models, e.g. allowing for concurrency among system processes, which is more suitable for distributed systems.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
