A formal model for integrity protection based on DTE technique

Science in China, Series F: Information Sciences

Volumn 49, Issue 5, 2006, Pages 545-565

  Ji, Qingguang ^a   Qing, Sihan ^a   He, Yeping ^a  

^a INSTITUTE OF SOFTWARE   (China)

Author keywords

Domain; Formal model; Information flow; Integrity policy; Type

Indexed keywords

EID: 33749460449     PISSN: 10092757     EISSN: 18622836     Source Type: Journal    
DOI: 10.1007/s11432-006-2014-6     Document Type: Article

References (27)

1. Jueneman R R. Integrity controls for military and commercial applications. In: Fourth Aerospace Computer Security Applications Conference. Florida: IEEE Computer Society Press, 1988. 298-322
2. Ruthberg Z G, Polk W T. Report of the Invitational Workshop on Data Integrity, National Institute of Standards and Techonology. NIST Special Publication, September, 1989. 500-168
3. Mayfleld T, Boore J M, Welke S R. Integrity-oriented control objectives: Proposed revision to the trusted computer systems evaluation criteria (TCSEC, DoD5200.28.STD), IDA document D-967, prepared for National Security Agency (US), available at http:/ www.mirrors.wiretapped.net/security/inf/reference/ncse- publications/C-TR-111-91.pdf
4. Information technology - Security techniques - Evaluation criteria for IT security - Part 2: Security functional requirements, ISO/IEC 15408-2, 1999, International Standards Organization
5. Abrams M D, Joyce M V. Trusted system concepts. Computers and Security, 1995, 14(1): 45-56
6. Bell D E. Multipolicy machine Model. In: Proceedings of the 1994 ACM SIGSAC on New Security Paradigms Workshop. Little Compton, RI USA, August 1994, 2-9
7. Mayfleld T, Roskos J E, Welke S R, et al. Integrity in automated information systems, NCSC Technical Report, National Computer Security Center, 1991, 91
8. Sandhu R S. On five definitions of data integrity. In: Keefe T F, Landwehr C E, eds. Database Security, VII: Status and Prospects. Proceedings of the IFIP WG11.3 Workshop on Database Security, Lake Guntersville, Alabama, 1993. 257-267
9. LaPadula L J. Rule-set modeling of a trusted computer system. In: Abrams M D, Jajodia S, Podell H J, eds. Information Security: An Integrated Collection of Essays. Los Alamitos: IEEE Computer Society Press, 1995. 187-226
10. Kargar P A, Austel V, Toll D. A new mandatory security policy combining secrecy and integrity. IBM research report RC21717, 2000
11. Fraser T. LOMAC: Low Water-Mark Integrity Protection for COTS Environments. NAI Labs report 0775, 2000
12. Ott A. The Rule Set Based Access Control (RSBAC) Linux Kernel Security Extension. In: 8th International Linux Kongress, Enschede, November 2001. Available at http://www.rsbac.org/doc/media/linux-kongress/linux-kongress.html.
13. Smith R E. Sidewinder: Defense in Depth using Type Enforcement. Secure Computing Corporation Report, 2000
14. Badger L, Sterne D F, Sherman D L, et al. Practical domain and type enforcement for UNIX. In: Proceedings of IEEE Symposium on Security and Privacy, Oakland, CA: IEEE Computer Society Press, 1995. 66-77
15. Walker K M, Sterne D F, Badger M L, et al. Confining root programs with domain and type enforcement (DTE). In: Proceedings of 1996 Usenix Security Symposium, San Jose, CA, 1996. Available at http://www.usenix.org/publications/ library/proceedings/sec96/walker.html.
16. Tidswell J E, Potter J M. An approach to dynamic domain and type enforcement, Lecture Notes in Computer Science, Volume 1270. In: Proceedings of the 2nd Australasian Conference on Information Security and Privacy, July 1997, 26-37
17. Boebert W E, Kain R Y, Young W D. Secure computing: The secure Ada target approach, Advance in Computer System Security. Volume 3. Turn R, ed. Boston/London: Artech House, INC, 1988
18. Cohen F. Computer viruses: theory and experiments, Advance in Computer System Security, Volume 3, Turn R, ed. Boston/London: Artech House, INC, 1988
19. Lee T M P. Using mandatory integrity to enforce 'commercial' security. In: Proceedings of IEEE Symposium on Security and Privacy, 1988, 140-146
20. Thomsen D J. Role-based application design and enforcement. In: Jajodia S, Landwehr C E, eds. Database Security, IV: Status and Prospects, North-Holland, 1991. 151-168
21. Nyanchama M. Commercial integrity, roles and object orientation. Ph.D dissertation. The University of Western Ontario, London, Ontario, 1994
22. Lipner S. Non-discretionary control for commercial applications. In: Proceedings of IEEE 1982 Symposium on Research in Security and Privacy, April 1982, 2-10
23. Fraser T, Badger L. Ensuring continuity during dynamic security policy reconfiguration in DTE. In: Proceedings of 1998 IEEE Symposium on Research in Security and Privacy, Oakland, CA: IEEE Computer Society Press, 1998. 15-26
24. Haigh J T, Young W D. Extending the noninterference version of MLS for SAT. In: Proceedings of 1986 IEEE Symposium on Research in Security and Privacy, Oakland, CA: IEEE Computer Society Press, 1986, 232-239
25. Ji Q G, Tang L Y, Sheng Q N, ERCIST OS V4.0 security policy formal model and its applicatons (in Chinese), Engineering Research Center for Information Security Technology, the technical documentation of the "structured protection class" secure operating system, Mar. 2003
26. Jaeger T, Tidswell J E. Practical safety in flexible access control models. ACM Transactions on Information and System Security, 2001, 4(2): 158-190
27. Hoffman J. Implementing RBAC on a type enforced system Proc. 13th Annual Computer Security Applications Conference, December 1997, 158-163