{"title":"分布式系统安全的层次模型","authors":"G. Benson, W. Appelbe, I. Akyildiz","doi":"10.1109/SECPRI.1989.36294","DOIUrl":null,"url":null,"abstract":"A description is given of the hierarchical model (HM), an access matrix-based model used to define nondisclosure in distributed multilevel secure applications such as secure file systems, secure switches, and secure upgrade downgrade facilities. The HM explicitly encodes access rights, synchronization primitives, and indirection in its state matrix. Serializability of concurrent commands is formally defined in terms of the HM syntactic model of computation. HM serializability conditions are independent of the semantic security predicate. Finally, an example that illustrates the HM is presented.<<ETX>>","PeriodicalId":126792,"journal":{"name":"Proceedings. 1989 IEEE Symposium on Security and Privacy","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1989-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"The hierarchical model of distributed system security\",\"authors\":\"G. Benson, W. Appelbe, I. Akyildiz\",\"doi\":\"10.1109/SECPRI.1989.36294\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"A description is given of the hierarchical model (HM), an access matrix-based model used to define nondisclosure in distributed multilevel secure applications such as secure file systems, secure switches, and secure upgrade downgrade facilities. The HM explicitly encodes access rights, synchronization primitives, and indirection in its state matrix. Serializability of concurrent commands is formally defined in terms of the HM syntactic model of computation. HM serializability conditions are independent of the semantic security predicate. Finally, an example that illustrates the HM is presented.<<ETX>>\",\"PeriodicalId\":126792,\"journal\":{\"name\":\"Proceedings. 1989 IEEE Symposium on Security and Privacy\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"1989-05-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings. 1989 IEEE Symposium on Security and Privacy\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SECPRI.1989.36294\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings. 1989 IEEE Symposium on Security and Privacy","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SECPRI.1989.36294","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
The hierarchical model of distributed system security
A description is given of the hierarchical model (HM), an access matrix-based model used to define nondisclosure in distributed multilevel secure applications such as secure file systems, secure switches, and secure upgrade downgrade facilities. The HM explicitly encodes access rights, synchronization primitives, and indirection in its state matrix. Serializability of concurrent commands is formally defined in terms of the HM syntactic model of computation. HM serializability conditions are independent of the semantic security predicate. Finally, an example that illustrates the HM is presented.<>
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
