Verified formal security models for multiapplicative smart cards

Journal of Computer Security

Volumn 10, Issue 4, 2002, Pages 339-367

  Schellhorn, Gerhard ^a   Reif, Wolfgang ^a   Schairer, Axel ^a   Karger, Paul ^a   Austel, Vernon ^a   Toll, David ^a  

^a UNIVERSITY OF AUGSBURG   (Germany)

Author keywords

[No Author keywords available]

Indexed keywords

COMPUTER OPERATING SYSTEMS; CRYPTOGRAPHY; DATA STRUCTURES; ERROR CORRECTION; FORMAL LANGUAGES; SECURITY OF DATA; SMART CARDS;

FORMAL SECURITY MODELS; MULTIPLICATIVE SMART CARDS; SECURE COMMUNICATION; SECURE DOWNLOADING; SECURE POLICY; STRUCTURED FILE SYSTEM;

COMPUTER SOFTWARE SELECTION AND EVALUATION;

EID: 0036427441     PISSN: 0926227X     EISSN: None     Source Type: Journal    
DOI: 10.3233/JCS-2002-10403     Document Type: Article

References (28)

1. L. Badger, D.F. Sterne, D.L. Sherman, K.M. Walker and S.A. Haghighat, Practical domain and type enforcement for UNIX, in: 1995 IEEE Symposium on Security and Privacy, Oakland, CA, 1995, pp. 66-77. URL: http://www.tis.com/docs/research/secure/secure_dte_proj2.html.
2. D.E. Bell and L.J. LaPadula, Secure Computer Systems: Unified Exposition and Multics Interpretation, Technical Report ESD-TR-75-306, The MITRE Corporation, HQ Electronic Systems Division, Hanscom AFB, MA, March 1976. URL: http://csrc.nist.gov/publications/history/bell76.pdf.
3. K.J. Biba, Integrity Considerations for Secure Computer Systems, Technical Report ESD-TR-76-372, The MITRE Corporation, HQ Electronic Systems Division, Hanscom AFB, MA, April 1977.
4. W.E. Boebert and R.Y. Kain, A practical alternative to hierarchical integrity policies, in: 8th National Computer Security Conf., Gaithersburg, MD, National Computer Security Center and National Bureau of Standards, 1985, pp. 18-27.
5. L. Gong and X. Qian, Enriching the expressive power of security labels, IEEE Transactions on Knowledge and Data Engineering 7(5) (October 1995), 839-841.
6. D. Hutter, H. Mantel, G. Rock, W. Stephan, A. Wolpers, M. Balser, W. Reif, G. Schellhorn and K. Stenzel, VSE: Controlling the complexity in formal software developments, in: Applied Formal Methods - FM-Trends 98, LNCS 1641, 1998.
7. Identification cards-identification cards-interrelated circuit(s) cards with contacts-part 4: Inter industry commands for interchange, ISO/IEC 7816-4, International Standards Organization, 1995.
8. Information technology-security techniques-evaluation criteria for IT security, ISO/IEC 15408, International Standards Organization, 1999. URL: http://csrc.nist.gov/cc.
9. ITSEC, Information Technology Security Evaluation Criteria, Version 1.2. Office for Official Publications of the European Communities, Brussels, Belgium, 1991.
10. P.A. Karger, V. Austel and D. Toll, A new mandatory security policy combining secrecy and integrity, RC 21717, IBM Resarch Division, T.J. Watson Research Center, Yorktown Heights, NY, 15 March 2000. URL: http://domino.watson.ibm.com/library/CyberDig.nsf/home.
11. P.A. Karger, V. Austel and D. Toll, Using a mandatory secrecy and integrity policy on smart cards and mobile devices, in: (EUROSMART) Security Conference, Marseille, France, 2000, pp. 134-148, RC 21736 available at http://domino.watson.ibm.com/library/CyberDig.nsf/home.
12. F. Koob, M. Ullmann, S. Wittmann, G. Schellhorn, W. Reif, A. Schairer and W. Stephan, A generic security model for multiapplicative smarts cards-final report of the SMaCOS project, Unpublished, available from the authors.
13. T.F. Lunt, P.G. Neumann, D. Denning, R.R. Schell, M. Heckman and W.R. Shockley, Secure distributed data views - Vol. 1: Security policy and policy interpretation for a class A1 multilevel secure, Technical Report SRI-CSL-88-8, SRI International, Menlo Park, CA, August 1988.
14. H. Mantel, Information flow control and applications-bridging a gap, in: FME 2001: Formal Methods for Increasing Software Productivity, International Symposium of Formal Methods Europe, J.N. Olivera and P. Zave, eds, LNCS 2021, Berlin, Germany, Springer, 2001, pp. 153-172.
15. J. McLean, Security models, in: Encyclopedia of Software Engineering, J. Marciniak, ed., Wiley & Sons, 1994 URL: http://chacs.nrl.navy.mil/publications/CHACS.
16. E.I. Organick, The Multics System: An Examination of Its Structure, The MIT Press, Cambridge, MA, 1972.
17. Philips semiconductors and IBM research to co-develop secure smart cards: Highly secure operating system and processor, suitable for multiple applications. URL: http://www.semiconductors.philips.com/news/content/file_384.html, Feb. 1999.
18. S. Pinsky, Absorbing covers and intransitive non-interference, in: Proc. IEEE Symposium on Security and Privacy, 1995.
19. W. Reif, G. Schellhorn, K. Stenzel and M. Balser, Structured specifications and interactive proofs with KIV, in: Automated Deduction - A Basis for Applications, W. Bibel and P. Schmitt, eds, Kluwer Academic Publishers, Dordrecht, 1998.
20. Roscoe and Goldsmith, What is intransitive noninterference? in: PCSFW: Proceedings of The 12th Computer Security Foundations Workshop, IEEE Computer Society Press, 1999.
21. J. Rushby, Noninterference, Transitivity, and Channel-Control Security Policies, Technical Report CSL-92-02, SRI International, Menlo Park, CA, 1992. URL: http;//www.csl.sri.com/~rushby/reports/csl-92-2.dvi.Z.
22. R. Sandhu, A lattice interpretation of the chinese wall security policy, in: Proc. 15th NIST-NCSC National Computer Security Conference, US Govt. Printing Office, 1992, pp. 329-339.
23. R. Sandhu, Lattice based access control models, IEEE Computer 26(11) (1993), 9-19.
24. R. Schell, T.F. Tao and M. Heckman, Desingning the GEMSOS security kernel for security and performance, in: 8th National Computer Security Conference, Gaithersburg, MD, DoD Computer Security Center and National Bureau of Standards, 1985, pp. 108-119.
25. G. Schellhorn, W. Reif, A. Schairer, P. Karger, V. Austel and D. Toll, Verification of a formal security model for multiapplicative smart cards, in: Proc. of the 6th European Symposium on Research in Computer Security (ESORICS), LNCS 1895, Springer, 2000.
26. L.J. Shirley and R.R. Schell, Mechanism sufficiency validation by assignment, in: 1981 Symposium on Security and Privacy, Oakland, CA, IEEE Computer Society, 1981, pp. 26-32.
27. D.F. Sterne and G.S. Benson, The controlled application set paradigm for trusted systems, in: 1995 National Information Systems Security Conference, Baltimore, Maryland, National Computer Security Center and National Institute of Standards and Technology, 1995. URL: http://www.tis.com/docs/research/secure/secure_dte_proj2.html.
28. J. Ziegler, Ein verifiziertes Sicherheitsmodell für multiapplikative Smartcards, Diplomarbeit, Fakultät für Informatik, Universität Ulm. Germany, 2000 (in German).