Fluid information systems

Proceedings New Security Paradigms Workshop

Volumn , Issue , 2009, Pages 125-132

  Probst, Christian W ^a   Hansen, René Rydhof ^b  

^a TECHNICAL UNIVERSITY OF DENMARK   (Denmark)

^b AALBORG UNIVERSITY   (Denmark)

Author keywords

Design; Security

Indexed keywords

DAY-TO-DAY OPERATIONS; DESIGN SECURITY; LANGUAGE-BASED SECURITY; NETWORKED COMMUNICATION SYSTEMS;

COMMUNICATION SYSTEMS; TECHNICAL PRESENTATIONS;

NETWORK SECURITY;

EID: 77950873998     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1719030.1719048     Document Type: Conference Paper

References (28)

1. P. Barham, B. Dragovic, K. Fraser, S. Hand, T. Harris, A. Ho, R. Neugebauer, I. Pratt, and A. Warfield. Xen and the art of virtualization. In SOSP '03: Proceedings of the nineteenth ACM symposium on Operating systems principles, pages 164-177, New York, NY, USA, 2003. ACM.
2. M. Beaumont-Gay, K. Eustice, V. Ramakrishna, and P. Reiher. Information protection via environmental data tethers. In Proceedings of the New Securiy Paradigms Workshop (NSPW 2007), 2007.
3. M. Bishop. The Insider Problem Revisited. In Proc. of New Security Paradigms Workshop 2005, Lake Arrowhead, CA, USA, Sept. 2005. ACM Press.
4. R. C. Brackney and R. H. Anderson, editors. Understanding the Insider Threat. RAND Corporation, Santa Monica, CA, U.S.A., March 2005.
5. R. Chinchani, A. Iyer, H. Q. Ngo, and S. Upadhyaya. Towards a theory of insider threat assessment. In Proceedings of the 2005 International Conference on Dependable Systems and Networks, pages 108-117. IEEE Computer Society, 2005.
6. S. Chong and A. C. Myers. Language-Based Information Erasure. In CSFW '05: Proceedings of the 18th IEEE Computer Security Foundations Workshop (CSFW'05), pages 241-254, Washington, DC, USA, 2005. IEEE Computer Society.
7. G. Cole. Nailing jelly to a wall: is it possible? Available from http://graeme.woaf.net/otherbits/jelly.html, last visited April 9, 2008.
8. M. Dacier and Y. Deswarte. Privilege graph: an extension to the typed access matrix model. In Proceedings of the European Symposium On Research In Computer Security, 1994.
9. T. Dimitrakos, F. Martinelli, P. Y. A. Ryan, and S. A. Schneider, editors. Formal Aspects in Security and Trust, Fourth International Workshop, FAST 2006, Hamilton, Ontario, Canada, August 26-27, 2006, Revised Selected Papers, volume 4691 of Lecture Notes in Computer Science. Springer, 2007.
10. J. Gorski and A. Wardzinski. Formalising fault trees. In F. Redmill and T. Anderson, editors, Achievement and Assurance of Safety: Proceedings of the 3rd Safety-critical Systems Symposium, pages 311-328, Brighton, 1995. Springer.
11. R. R. Hansen and C. W. Probst. Secure dynamic program repartitioning. In Proceedings of the 10th Nordic Workshop in Secure IT-Systems (NordSec 2005), 2005.
12. K. Kursawe and S. Katzenbeisser. Computing under occupation. In Proceedings of the New Securiy Paradigms Workshop (NSPW 2007), 2007.
13. M. E. Locasto. Self-Healing: Science, engineering, and fiction. In Proceedings of the New Securiy Paradigms Workshop (NSPW 2007), 2007.
14. A. C. Myers. JFlow: practical mostly-static information flow control. In ACM, editor, POPL '99. Proceedings of the 26th ACM SIGPLAN-SIGACT on Principles of programming languages, January 20-22, 1999, San Antonio, TX, ACM SIGPLAN Notices, pages 228-241, New York, NY, USA, 1999. ACM Press.
15. A. C. Myers and B. Liskov. Protecting privacy using the decentralized label model. ACM Transactions on Software Engineering and Methodology, 9(4):41000442, Oct. 2000.
16. R. D. Nicola, G. Ferrari, and R. Pugliese. KLAIM: a Kernel Language for Agents Interaction and Mobility. IEEE Transactions on Software Engineering, 24(5):315-330, May 1998.
17. F. Nielson, H. R. Nielson, and C. L. Hankin. Principles of Program Analysis. Springer-Verlag, 1999.
18. R. Ortalo, Y. Deswarte, and M. Kaâniche. Experimenting with quantitative evaluation tools for monitoring operational security. IEEE Transactions on Software Engineering, 25(5):633-650, 1999.
19. C. W. Probst and R. R. Hansen. An extensible analysable system model. Information Security Technical Report, 13(4):235-246, 2008.
20. C. W. Probst and R. R. Hansen. Analysing Access Control Specifications. In Accepted for the Fourth International IEEE Workshop on Systematic Approaches to Digital Forensic Engineering (SADFE 2009), 2009.
21. C. W. Probst, R. R. Hansen, and F. Nielson. Where can an insider attack? In Dimitrakos et al. [9], pages 127-142.
22. F. B. Schneider. Enforceable security policies. ACM Transactions on Information and System Security, 3(1):30-50, Feb. 2000.
23. D. Søndergaard, C. W. Probst, C. D. Jensen, and R. R. Hansen. Program partitioning using dynamic trust models. In Dimitrakos et al. [9], pages 170-184.
24. A. Stavrou, A. D. Keromytis, J. Nieh, V. Misra, and D. Rubenstein. MOVE: An end-to-end solution to network denial of service. In Proceedings of the Internet Society (ISOC) Symposium on Network and Distributed Systems Security (SNDSS), pages 81-96, 2005.
25. L. Swiler, C. Phillips, D. Ellis, and S. Chakerian. Computer-attack graph generation tool. June 12 2001.
26. Wikipedia. Moscow-washington hotline. Available from http://en.wikipedia. org/wiki/ Moscow-Washington-hotline, last visited April 9, 2008.
27. S. Zdancewic, L. Zheng, N. Nystrom, and A. C. Myers. Untrusted hosts and confidentiality: Secure program partitioning. In G. Ganger, editor, Proceedings of the 18th ACM Symposium on Operating Systems Principles (SOSP-01), volume 35, 5 of ACM SIGOPS Operating Systems Review, pages 1-14, New York, Oct. 21-24 2001. ACM Press.
28. S. Zdancewic, L. Zheng, N. Nystrom, and A. C. Myers. Secure program partitioning. ACM Transactions on Computer Systems, 20(3):283-328, Aug. 2002.