计算机安全方向

ACM '83 Pub Date : 1900-01-01 DOI:10.1145/800173.809695
Anne-Marie Claybrook
{"title":"计算机安全方向","authors":"Anne-Marie Claybrook","doi":"10.1145/800173.809695","DOIUrl":null,"url":null,"abstract":"One of the primary thrusts in operating system security has come from the Department of Defense (DoD), which early recognized the need for security controls in open use, multi-user, resource-shared computer systems.1 Two features in particular, mandatory access controls and security kernel technology, have been strongly promoted by the DoD. Mandatory access controls, necessary to support a security policy that cannot be circumvented by any user (in DoD's case, the national security policy regarding personnel clearances and data classifications) are being studied for their applicability to business2 and industry security problems. Security kernel technology is an implementation of the reference monitor concept, a security enforcement abstraction which views a computer system as composed of subjects (e.g., processes, users) and objects (e.g., files) and a reference monitor which checks each access by a subject to an object. In the past ten years, several attempts to build secure operating systems have utilized security kernel technology. While none of these attempts was practical from a performance point of view, the security kernel research still serves as a basis for current attempts to build secure systems.\n In a continuing effort to promote secure systems for DoD use, the DoD Computer Security Center was formed in 1981. One of the first tasks of the Center was to draft a “Trusted Computer System Evaluation Criteria” which defines various levels of protection for computer systems.3 In addition to listing feature requirements, including auditing, labelling, mandatory access controls, discretionary access controls, identification and authentication, the criteria discuss both the structure and development techniques used to produce trusted systems.","PeriodicalId":306306,"journal":{"name":"ACM '83","volume":"23 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Directions in computer security\",\"authors\":\"Anne-Marie Claybrook\",\"doi\":\"10.1145/800173.809695\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"One of the primary thrusts in operating system security has come from the Department of Defense (DoD), which early recognized the need for security controls in open use, multi-user, resource-shared computer systems.1 Two features in particular, mandatory access controls and security kernel technology, have been strongly promoted by the DoD. Mandatory access controls, necessary to support a security policy that cannot be circumvented by any user (in DoD's case, the national security policy regarding personnel clearances and data classifications) are being studied for their applicability to business2 and industry security problems. Security kernel technology is an implementation of the reference monitor concept, a security enforcement abstraction which views a computer system as composed of subjects (e.g., processes, users) and objects (e.g., files) and a reference monitor which checks each access by a subject to an object. In the past ten years, several attempts to build secure operating systems have utilized security kernel technology. While none of these attempts was practical from a performance point of view, the security kernel research still serves as a basis for current attempts to build secure systems.\\n In a continuing effort to promote secure systems for DoD use, the DoD Computer Security Center was formed in 1981. One of the first tasks of the Center was to draft a “Trusted Computer System Evaluation Criteria” which defines various levels of protection for computer systems.3 In addition to listing feature requirements, including auditing, labelling, mandatory access controls, discretionary access controls, identification and authentication, the criteria discuss both the structure and development techniques used to produce trusted systems.\",\"PeriodicalId\":306306,\"journal\":{\"name\":\"ACM '83\",\"volume\":\"23 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"1900-01-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"ACM '83\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/800173.809695\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"ACM '83","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/800173.809695","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 1

摘要

操作系统安全的主要推动力之一来自国防部(DoD),它很早就认识到在开放使用、多用户、资源共享的计算机系统中需要安全控制特别是两个特性,强制访问控制和安全内核技术,得到了国防部的大力推广。强制访问控制是支持任何用户都无法规避的安全策略所必需的(在国防部的情况下,是关于人员许可和数据分类的国家安全策略),目前正在研究其对商业和行业安全问题的适用性。安全内核技术是引用监视器概念的实现,引用监视器是一种安全强制抽象,它将计算机系统视为由主体(例如,进程、用户)和对象(例如,文件)组成的,引用监视器检查主体对对象的每次访问。在过去的十年中,许多构建安全操作系统的尝试都利用了安全内核技术。虽然从性能的角度来看,这些尝试都不实用,但安全内核的研究仍然可以作为构建安全系统的基础。为了继续努力促进国防部使用的安全系统,国防部计算机安全中心于1981年成立。该中心的首要任务之一是起草“可信计算机系统评估标准”,该标准定义了计算机系统的各种保护级别除了列出功能需求(包括审计、标签、强制访问控制、自由访问控制、标识和身份验证)之外,标准还讨论了用于生成可信系统的结构和开发技术。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
Directions in computer security
One of the primary thrusts in operating system security has come from the Department of Defense (DoD), which early recognized the need for security controls in open use, multi-user, resource-shared computer systems.1 Two features in particular, mandatory access controls and security kernel technology, have been strongly promoted by the DoD. Mandatory access controls, necessary to support a security policy that cannot be circumvented by any user (in DoD's case, the national security policy regarding personnel clearances and data classifications) are being studied for their applicability to business2 and industry security problems. Security kernel technology is an implementation of the reference monitor concept, a security enforcement abstraction which views a computer system as composed of subjects (e.g., processes, users) and objects (e.g., files) and a reference monitor which checks each access by a subject to an object. In the past ten years, several attempts to build secure operating systems have utilized security kernel technology. While none of these attempts was practical from a performance point of view, the security kernel research still serves as a basis for current attempts to build secure systems. In a continuing effort to promote secure systems for DoD use, the DoD Computer Security Center was formed in 1981. One of the first tasks of the Center was to draft a “Trusted Computer System Evaluation Criteria” which defines various levels of protection for computer systems.3 In addition to listing feature requirements, including auditing, labelling, mandatory access controls, discretionary access controls, identification and authentication, the criteria discuss both the structure and development techniques used to produce trusted systems.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
自引率
0.00%
发文量
0
期刊最新文献
Optical storage of page images and pictorial data - opportunities and needed advances in information retrieval Office automation and the changing definition of the workplace Why Ada is not just another programming language Session M4: Women in the workplace Network protocol: A structured approach
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1