Approach to enforcing clark-wilson model based on type enforcement

Tien Tzu Hsueh Pao/Acta Electronica Sinica

Volumn 36, Issue 2, 2008, Pages 216-223

  He, Jian Bo ^a   Guo, Xin ^c   Qing, Si Han ^a,b  

^a INSTITUTE OF GEOLOGY AND GEOPHYSICS   (China)

^b PEKING UNIVERSITY   (China)

^c BEIJING CITY UNIVERSITY   (China)

Author keywords

Clark Wilson model; Integrity; Separation of duty; Type Enforcement (TE)

Indexed keywords

ACCESS CONTROL; AUTHENTICATION;

CLARK-WILSON MODEL; INTEGRITY; TYPE ENFORCEMENT (TE);

SECURITY OF DATA;

EID: 41649120000     PISSN: 03722112     EISSN: None     Source Type: Journal    
DOI: None     Document Type: Article

References (19)

1. D D Clark, D R Wilson, A comparison of commercial and military computer security policies[A]. In Proceedings of 1987 IEEE Symposium on Security and Privacy[C]. Oakland, CA: IEEE press, 1987. 184-194.
2. T Mayfield, J E Roskos, S R Welke, J M Boone. Integrity in Automated information Systems[R]. U. S. National Computer Security Center, 1991, 79-91.
3. T Lee. Using mandatory integrity to enforce 'commercial' security[A]. In Proceedings of 1988 IEEE Symposium on Security and Privacy[C]. Oakland, CA: IEEE press, 1988. 140-146.
4. P K Karger. Implementing commercial data integrity with secure capabilities[A]. In Proceedings of 1988 IEEE Symposium on Security and Privacy[C]. Oakland, CA: IEEE press, 1988, 130-139.
5. W Polk. Approximating clark-wilson 'access triples' with basic UNIX controls[A]. In Proceedings of the 4th USENIX UNIX Security Symposium[C]. Santa Clara, CA: USENIX press, 1993. 145-154.
6. LIANG B, SHI W C, SUN Y F, SUN B. An approach to enforcing clark-wilson model in role-based access control[J]. Chinese Journal of Electronics, 2004, 13(4): 596-599.
7. J Mclean, Security Models. In: J. Marciniak, eds. , Encyclopedia of Software Engineering[M]. Wiley Press, 1994.
8. WEN Hongzi. Research on Commercial Security Policy and its Formal Analysis[D]. Beijing: Institute of Software, the Chinese Academy of Sciences. 2004. (in Chinese with English abstract)
9. D J Thomsen, J T Haigh. A comparison of type enforcement and unix setuid implementation of well-formed transactions[A]. In Proceedings of 6th Annual Computer Security Applications Conference[C]. Tucson, Arizona: IEEE press, 1990. 304-312.
10. W E Boebert, R Y Kain. A practical alternative to hierarchical integrity policies[A]. In Proceedings of 8th National Computer Security Conference[C]. Gaithersburg, MD, 1985. 18-27.
11. T Fine, S E Minear. Assuring distributed trusted mach[A]. In Proceedings of 1993 IEEE Symposium on Security and Privacy[C]. Oakland, CA: IEEE press, 1993. 206-218.
12. SMALLEY, S. 2002. Configuring the SELinux policy[R]. NAI Labs Rep. 02-007, available at www.nsa.gov/selinux. June 2002.
13. M Bishop. Computer Security: Art and Science[M]. Chapter 13, New York: Addison-Wisley, 2002.
14. National Computer Security Center. Trusted Computer System Evaluation Criteria[S]. Dept of Defense, No.DOD 5200. 28-STD.
15. T Fraser, L Badger. Ensuring continuity during dynamic security policy reconfiguration in DTE[A]. In Proceedings of 1998 IEEE Symposium on Security and Privacy[C]. Oakland, CA: IEEE press, 1998. 15-26.
16. R Simon, M E Zurko. Separation of duty in role-based environments[A]. In Proceedings of 1997 IEEE Computer Security Foundations Workshop[C]. Washington, DC: IEEE press, 1997. 183-194.
17. Jonathon E, Tidswell, Trent Jaeger. Integrated constraints and inheritance in DTAC[A]. In Proceedings of the 5th ACM Symposium on Access Control Models and Technologies[C]. Berlin, Germany: ACM press, 2000, 93-102.
18. R S Sandhu, P Samarati. Access control: Principle and practice[J]. IEEE Communication Magazine, 1994, 32(9): 40-48.
19. D J Thomsen. Role-Based Application Design and Enforcement[M]. In Database Security, IV: Status and Prospects (eds. Jajodia, S., Landwehr, Carl, E.), Amsterdam: North-Holland, 1991. 151-168.