{"title":"A model for specifying multi-granularity integrity policies","authors":"L. Badger","doi":"10.1109/SECPRI.1989.36301","DOIUrl":null,"url":null,"abstract":"Systems which provide integrity controls are presented in terms of a request-response paradigm. This paradigm involves modeling the manner in which valid requests are made, a system's method of deciding whether or not to service a request, and the manner in which a system state are performed only in authorized ways. A novel feature of the model is that integrity policies, which are restrictions on how data may be modified, are defined at multiple levels of granularity. At the finest and lowest level of granularity, restrictions are placed directly on how data items may be modified; at successive and more coarse levels of granularity, restrictions are defined in terms provided by lower levels. A hierarchical technique for organizing computations, nested transactions, is adapted for this purpose. Integrity policies expressed in this framework are properties of computations which can be specified and related to other desirable properties, such as concurrent execution and fault tolerance.<<ETX>>","PeriodicalId":126792,"journal":{"name":"Proceedings. 1989 IEEE Symposium on Security and Privacy","volume":"13 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1989-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"15","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings. 1989 IEEE Symposium on Security and Privacy","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SECPRI.1989.36301","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 15
Abstract
Systems which provide integrity controls are presented in terms of a request-response paradigm. This paradigm involves modeling the manner in which valid requests are made, a system's method of deciding whether or not to service a request, and the manner in which a system state are performed only in authorized ways. A novel feature of the model is that integrity policies, which are restrictions on how data may be modified, are defined at multiple levels of granularity. At the finest and lowest level of granularity, restrictions are placed directly on how data items may be modified; at successive and more coarse levels of granularity, restrictions are defined in terms provided by lower levels. A hierarchical technique for organizing computations, nested transactions, is adapted for this purpose. Integrity policies expressed in this framework are properties of computations which can be specified and related to other desirable properties, such as concurrent execution and fault tolerance.<>
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
