The role of the development process in operating system security

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 1975, Issue , 2000, Pages 277-291

  Payne, Christian ^a  

^a MURDOCH UNIVERSITY   (Australia)

Author keywords

[No Author keywords available]

Indexed keywords

ARTIFICIAL INTELLIGENCE; COMPUTER SCIENCE; COMPUTERS;

DEVELOPMENT PHASE; DEVELOPMENT PROCESS; FIELDED SYSTEMS; FURTHER WORKS; INTERNETWORKED; OPERATING SYSTEM SECURITY; SECURITY VULNERABILITIES; SUITABLE SOLUTIONS;

SECURITY OF DATA;

EID: 23044524265     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/3-540-44456-4_21     Document Type: Conference Paper

References (20)

1. Ross Anderson. Why cryptosystems fail. Communications of the ACM, 37(11):32-40, November 1994.
2. Richard Baskerville. Information systems security design methods: Implications for information systems development. ACM Computing Surveys, 25(4):375-414, 1993.
3. David E. Bell and Leonard J. LaPadula. Secure computer systems: Mathematical foundations and model. Technical Report M74-244, Mitre Corporation, Bedford, MA, 1973.
4. Silvana Castano, Giancarlo Martella, and Pierangela Samarati. A new approach to security system development. In Proceedings of the 1994 ACM SIGSAC on New Security Paradigms Workshop, pages 82-88, 1994.
5. Santosh Chokhani. Trusted products evaluation. Communications of the ACM, 35(7):64-76, 1992.
6. Simson Garfinkel and Eugene Spafiord. Practical Unix and Internet Security. O'Reilly & Associates, second edition, 1996.
7. Donald Mackenzie and Garrell Pottinger. Mathematics, technology, and trust: Formal verification, computer security and the U.S. military. IEEE Annals of the History of Computing, 19(3):41-59, 1997.
8. John McLean. A comment on the "Basic Security Theorem" of Bell and LaPadula. Information Processing Letters, 20(2):67-70, 1985.
9. D.N.J. Mostert and S.H. von Solms. A technique to include computer security, safety, and resilience requirements as part of the requirements specification. Journal of Systems Software, 31:45-53, 1995.
10. National Computer Security Center. NCSC-TG-002 Trusted Product Evaluations - A Guide for Vendors, 22 June 1990. "Bright Blue Book", Available Online: http://www.radium.ncsc.mil/tpep/library/rainbow/NCSC-TG-002.html.
11. Peter G. Neumann. Architectures and formal representations for secure systems. Technical report, Computer Science Laboratory, SRI International, Menlo Park, CA 94025-3493, 2 October 1995. SRI Project 6401, Prepared for the US Department of Defense.
12. Christian Payne. Security Through Design as a Paradigm for Systems Development, 1999. Murdoch University, Perth, Western Australia.
13. Charles P. Pfleeger. Security in Computing. Prentice-Hall, Upper Saddle River, New Jersey, 1997.
14. Deborah Russell and G.T. Gangemi Sr. Computer Security Basics. O'Reilly & Associates, 1992.
15. Bruce Schneier. Why cryptography is harder than it looks. Online: http://www.counterpane.com/whycrypto.html, 1997.
16. SecurityFocus.Com. BUGTRAQ VulDB Stats. Online: http://www.securityfocus.com/vdb/stats.html, May 2000.
17. U.S. Department of Defense, Washington, D.C. Trusted Computer System Evaluation Criteria, 1985. DOD 5200.28-STD.
18. Chenxi Wang and William A. Wulf. Towards a framework for security measurement. In Proceedings of the 20th National Information Systems Security Conference, pages 522-533, 1997.
19. J.L. Whitten, L.D. Bentley, and V.M. Barlow. Systems Analysis and Design Methods. Irwin, 1994.
20. Hans U. Zoebelein. The Internet operating system counter. Online: http://leb.net/hzo/ioscount/, April 1999.