私有桌面和共享存储

Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217) Pub Date : 1998-12-07 DOI:10.1109/CSAC.1998.738618

Bryony Pomeroy, S. Wiseman

{"title":"私有桌面和共享存储","authors":"Bryony Pomeroy, S. Wiseman","doi":"10.1109/CSAC.1998.738618","DOIUrl":null,"url":null,"abstract":"Modern interconnected computer systems handling classified information can be built using mainstream COTS software platforms. The technique provides each user with a private desktop in which to work, along with services for sharing data. Within a desktop, the user is helped to label their data. When data is shared, labelling prevents accidental compromise, but other measures defend against other forms of compromise. Purple Penelope is a prototype that extends Windows NT security to support this approach. It adds discretionary labelling, easy-to-use role-based access controls and effective accounting and auditing measures to shared files.","PeriodicalId":426526,"journal":{"name":"Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217)","volume":"231 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1998-12-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"18","resultStr":"{\"title\":\"Private desktops and shared store\",\"authors\":\"Bryony Pomeroy, S. Wiseman\",\"doi\":\"10.1109/CSAC.1998.738618\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Modern interconnected computer systems handling classified information can be built using mainstream COTS software platforms. The technique provides each user with a private desktop in which to work, along with services for sharing data. Within a desktop, the user is helped to label their data. When data is shared, labelling prevents accidental compromise, but other measures defend against other forms of compromise. Purple Penelope is a prototype that extends Windows NT security to support this approach. It adds discretionary labelling, easy-to-use role-based access controls and effective accounting and auditing measures to shared files.\",\"PeriodicalId\":426526,\"journal\":{\"name\":\"Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217)\",\"volume\":\"231 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"1998-12-07\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"18\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CSAC.1998.738618\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CSAC.1998.738618","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 18

摘要

现代互联计算机系统处理机密信息可以使用主流的COTS软件平台。该技术为每个用户提供了一个用于工作的私有桌面，以及用于共享数据的服务。在桌面中，帮助用户标记他们的数据。当数据共享时，标签可以防止意外泄露，但其他措施可以防止其他形式的泄露。Purple Penelope是扩展Windows NT安全性以支持此方法的原型。它为共享文件增加了自由裁量标签、易于使用的基于角色的访问控制以及有效的会计和审计措施。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Private desktops and shared store

Modern interconnected computer systems handling classified information can be built using mainstream COTS software platforms. The technique provides each user with a private desktop in which to work, along with services for sharing data. Within a desktop, the user is helped to label their data. When data is shared, labelling prevents accidental compromise, but other measures defend against other forms of compromise. Purple Penelope is a prototype that extends Windows NT security to support this approach. It adds discretionary labelling, easy-to-use role-based access controls and effective accounting and auditing measures to shared files.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217)

自引率

0.00%

发文量