{"title":"作为一种安全策略是没有帮助的,或者是时候了","authors":"R. Nelson","doi":"10.1109/NSPW.1995.492341","DOIUrl":null,"url":null,"abstract":"Suggests the possibility of controlling the rate of release of information as well as whether the information can be released at all. If the user must have access to information but does not require fast access to large amounts of data, the system can release the information to that user in a slow and unhelpful manner. The addition of the parameter of time acts as a deterrent to information collectors and intruders; less information is available, and the user must access the system repeatedly and for a longer time to get it. Investigation of the rate of release has led to further understanding of the principle of least privilege. The principle of least privilege has generally been espoused by the computer security community as highly desirable. It has been applied to computer security, but only in limited ways. Consideration of time allows a refinement of the concept and offers the possibility of more flexible and fine-grained control.","PeriodicalId":111230,"journal":{"name":"Proceedings of 1995 New Security Paradigms Workshop","volume":"81 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1995-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":"{\"title\":\"Unhelpfulness as a security policy, or it's about time\",\"authors\":\"R. Nelson\",\"doi\":\"10.1109/NSPW.1995.492341\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Suggests the possibility of controlling the rate of release of information as well as whether the information can be released at all. If the user must have access to information but does not require fast access to large amounts of data, the system can release the information to that user in a slow and unhelpful manner. The addition of the parameter of time acts as a deterrent to information collectors and intruders; less information is available, and the user must access the system repeatedly and for a longer time to get it. Investigation of the rate of release has led to further understanding of the principle of least privilege. The principle of least privilege has generally been espoused by the computer security community as highly desirable. It has been applied to computer security, but only in limited ways. Consideration of time allows a refinement of the concept and offers the possibility of more flexible and fine-grained control.\",\"PeriodicalId\":111230,\"journal\":{\"name\":\"Proceedings of 1995 New Security Paradigms Workshop\",\"volume\":\"81 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"1995-08-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"6\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of 1995 New Security Paradigms Workshop\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/NSPW.1995.492341\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of 1995 New Security Paradigms Workshop","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/NSPW.1995.492341","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Unhelpfulness as a security policy, or it's about time
Suggests the possibility of controlling the rate of release of information as well as whether the information can be released at all. If the user must have access to information but does not require fast access to large amounts of data, the system can release the information to that user in a slow and unhelpful manner. The addition of the parameter of time acts as a deterrent to information collectors and intruders; less information is available, and the user must access the system repeatedly and for a longer time to get it. Investigation of the rate of release has led to further understanding of the principle of least privilege. The principle of least privilege has generally been espoused by the computer security community as highly desirable. It has been applied to computer security, but only in limited ways. Consideration of time allows a refinement of the concept and offers the possibility of more flexible and fine-grained control.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
