{"title":"根据主题-指令流对保密进行建模","authors":"James G. Williams","doi":"10.1109/RISP.1991.130775","DOIUrl":null,"url":null,"abstract":"A formal definition is given of nondisclosure for a computing system and the author describes a functional decomposition of the system into two kinds of activities, namely, the selection and execution of subject instructions. Security requirements for each of the two resulting subsystems are given, and it is proved that, if each subsystem satisfies its security requirements, then the entire system satisfies the given nondisclosure property. Finally, in order to show how security can be enforced by the system, an access-control model is given for subject-instruction processing that guarantees satisfaction of the given security requirements for subject-instruction processing.<<ETX>>","PeriodicalId":445112,"journal":{"name":"Proceedings. 1991 IEEE Computer Society Symposium on Research in Security and Privacy","volume":"206 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1991-05-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Modeling nondisclosure in terms of the subject-instruction stream\",\"authors\":\"James G. Williams\",\"doi\":\"10.1109/RISP.1991.130775\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"A formal definition is given of nondisclosure for a computing system and the author describes a functional decomposition of the system into two kinds of activities, namely, the selection and execution of subject instructions. Security requirements for each of the two resulting subsystems are given, and it is proved that, if each subsystem satisfies its security requirements, then the entire system satisfies the given nondisclosure property. Finally, in order to show how security can be enforced by the system, an access-control model is given for subject-instruction processing that guarantees satisfaction of the given security requirements for subject-instruction processing.<<ETX>>\",\"PeriodicalId\":445112,\"journal\":{\"name\":\"Proceedings. 1991 IEEE Computer Society Symposium on Research in Security and Privacy\",\"volume\":\"206 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"1991-05-20\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings. 1991 IEEE Computer Society Symposium on Research in Security and Privacy\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/RISP.1991.130775\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings. 1991 IEEE Computer Society Symposium on Research in Security and Privacy","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/RISP.1991.130775","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Modeling nondisclosure in terms of the subject-instruction stream
A formal definition is given of nondisclosure for a computing system and the author describes a functional decomposition of the system into two kinds of activities, namely, the selection and execution of subject instructions. Security requirements for each of the two resulting subsystems are given, and it is proved that, if each subsystem satisfies its security requirements, then the entire system satisfies the given nondisclosure property. Finally, in order to show how security can be enforced by the system, an access-control model is given for subject-instruction processing that guarantees satisfaction of the given security requirements for subject-instruction processing.<>
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
