计算机系统安全流分析(初步报告)

1980 IEEE Symposium on Security and Privacy Pub Date : 1980-04-14 DOI:10.1109/SP.1980.10001

Lishing Liu

{"title":"计算机系统安全流分析(初步报告)","authors":"Lishing Liu","doi":"10.1109/SP.1980.10001","DOIUrl":null,"url":null,"abstract":"A formal model of multilevel security systems is presented. We examine weaknesses of current security flow analysis mechanisms. A concept of expression flows is introduced, which allows us to use various techniques to certify systems that cannot be certified using current flow analysis techniques. We provide a method for generating static authorization requirements for systems in which authorization functions are only partially specified. We also attack the problem of using dynamic authorization functions for system certification.","PeriodicalId":372320,"journal":{"name":"1980 IEEE Symposium on Security and Privacy","volume":"176 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1980-04-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":"{\"title\":\"On Security Flow Analysis in Computer Systems (Preliminary Report)\",\"authors\":\"Lishing Liu\",\"doi\":\"10.1109/SP.1980.10001\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"A formal model of multilevel security systems is presented. We examine weaknesses of current security flow analysis mechanisms. A concept of expression flows is introduced, which allows us to use various techniques to certify systems that cannot be certified using current flow analysis techniques. We provide a method for generating static authorization requirements for systems in which authorization functions are only partially specified. We also attack the problem of using dynamic authorization functions for system certification.\",\"PeriodicalId\":372320,\"journal\":{\"name\":\"1980 IEEE Symposium on Security and Privacy\",\"volume\":\"176 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"1980-04-14\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"6\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"1980 IEEE Symposium on Security and Privacy\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SP.1980.10001\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"1980 IEEE Symposium on Security and Privacy","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SP.1980.10001","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 6

摘要

提出了多级安全系统的形式化模型。我们研究了当前安全流分析机制的弱点。介绍了表达式流的概念，它允许我们使用各种技术来认证不能使用当前流分析技术认证的系统。我们提供了一种方法，用于为仅部分指定授权功能的系统生成静态授权需求。我们还解决了使用动态授权功能进行系统认证的问题。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

On Security Flow Analysis in Computer Systems (Preliminary Report)

A formal model of multilevel security systems is presented. We examine weaknesses of current security flow analysis mechanisms. A concept of expression flows is introduced, which allows us to use various techniques to certify systems that cannot be certified using current flow analysis techniques. We provide a method for generating static authorization requirements for systems in which authorization functions are only partially specified. We also attack the problem of using dynamic authorization functions for system certification.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

1980 IEEE Symposium on Security and Privacy

自引率

0.00%

发文量

期刊最新文献

Program Committee Protecting Shared Cryptographic Keys A Module Definition Facility for Access Control in Distributed Data Base Systems The Secure Relational Database Management System Kernel: Three Years After On Security Flow Analysis in Computer Systems (Preliminary Report)