Multilevel security and quality of protection

Advances in Information Security

Volumn 23, Issue , 2006, Pages 93-105

  Foley, Simon N ^a   Bistarelli, Stefano ^b,c   O'Sullivan, Barry ^a   Herbert, John ^a   Swart, Garret ^d  

^a UNIVERSITY COLLEGE CORK   (Ireland)

^b Università GD Annunzio di Chieti   (Italy)

^c Istituto di informatica e telematica del Consiglio nazionale delle ricerche   (Italy)

^d IBM ALMADEN RESEARCH CENTER   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

EID: 84880274363     PISSN: 15682633     EISSN: None     Source Type: Book Series    
DOI: 10.1007/978-0-387-36584-8_8     Document Type: Article

References (38)

1. Bell, D.E., Padula, L.J.L.: Secure computer system: unified exposition and MULTICS interpretation. Report ESD-TR-75-306, The MITRE Corporation (1976)
2. Denning, D.: A lattice model of secure information flow. Communications of the ACM 19(5) (1976) 236-243
3. TNI: Trusted computer system evaluation criteria: trusted network interpretation. Technical report, National Computer Security Center (1987) Red Book.
4. Foley, S.: Aggregation and separation as noninterference properties. Journal of Computer Security 1(2)(1992) 159-188
5. Sandhu, R.: Lattice based access control models. IEEE Computer 26(11) (1993) 9-19
6. Lee, T.: Using mandatory integrity to enforce 'commerical' security. In: Proceedings of the Symposium on Security and Privacy. (1988) 140-146
7. Foley, S.: The specification and implementation of commercial security requirements including dynamic segregation of duties. In: ACM Conference on Computer and Communications Security. (1997) 125-134
8. Sandhu, R.: Role hierarchies and constraints for lattice-based access controls. In: ESORICS. (1996)
9. Popescu, B., Crispo, B., Tanenbaum, A.: Support for multi-level security policies in drm architectures. In: 13th New Security Paradigms Workshop. (2004)
10. Schellhorn, G., Reif, W., Schairer, A., Karger, P., Austel, V., Toll, D.: Verification of a formal security model for multiapplicative smart cards. In: ESORICS. (2000) 17-36
11. Schaefer, M.: If A 1 is the answer, what was the question? an edgy naif's retrospective on promulgating the trusted computer systems evaluation criteria. In: Annual Computer Security Applications Conference, IEEE Press (2004) 204-228
12. Millen, J.: 20 years of covert channel modeling and analysis. In: IEEE Symposium on Security and Privacy. (1999) 113-114
13. McLean, J.: Reasoning about security models. In: Proceedings 1987 IEEE Symposium on Security and Privacy. (1987) 123-131
14. Goguen, J.A., Meseguer, J.: Unwinding and inference control. In: Proceedings 1984 IEEE Symposium on Security and Privacy. (1984) 75-86
15. Foley, S.: A universal theory of information flow. In: Proceedings 1987 IEEE Symposium on Security and Privacy. (1987) 116-121
16. Sutherland, D.: A model of information. In: Proceedings 9th National Computer Security Conference. (1986)
17. Focardi, R., Gorrieri, R.: A classification of security properties for process algebras. Journal of Computer Security 3(1) (1995) 5-33
18. Roscoe, A., Woodcock, J., Wulf, L.: Non-interference through determinism. Journal of Computer Security 4(1) (1995)
19. Ryan, P., Schneider, S.: Process algebra and non-interference. In: IEEE Computer Security Foundations Workshop. (1999) 21 4-227
20. Sabelfeld, A., Myers, A.C.: Language-based information-flow security. IEEE Journal on Selected Areas in Communications, special issue on Formal Methods for Security 21(1) (2003)
21. McLean, J.: 20 years of formal methods. In: IEEE Symposium on Security and Privacy. (1999) 113-114
22. Schneider, F.: Enforcable security policies. ACM Transactions on Information and Systems Security 3(1) (2000) 30-50
23. Lewis, S., Wiseman, S.: Securing an object relational database. In: ACSAC, IEEE Computer Society (1997) 59-68
24. Foley, S.: Conduit cascades and secure synchronization. In: ACM New Security Paradigms Workshop. (2000)
25. Aziz, B., Foley, S., Herbert, J., Swart, G.: Configuring storage area networks for mandatory security. In: Proceedings of the 18 TM IFIP Annual Conference on Data and Applications Security, Kluwer (2004)
26. Foley, S.: A model for secure information flow. In: Proceedings of the Symposium on Security and Privacy, Oakland, CA, IEEE Computer Society Press (1989)
27. Bistarelli, S.: Semirings for Soft Constraint Solving and Programming. Volume LNCS 2962. Springer (2004)
28. Bistarelli, S., Foley, S., O'Sullivan, B.: Detecting and eliminating the cascade vulnerability problem from multi-level security networks using soft constraints. In: Proceedings of AAAI/IAAI-2004 (16th Innovative Applications of AI Conference), AAAI Press San Jose (2004) 808-813
29. Bistarelli, S., Foley, S., O'Sullivan, B.: Reasoning about secure interoperation using soft constraints. In: Proceedings of FAST-2004 Workshop on Formal Aspects of Security and Trust. (2004)
30. Swart, G., Aziz, B., Foley, S., Herbert, J.: Trading off security in a service oriented architecture. In: 19th Annual IFIP WG 11.3 Working Conference on Data and Applications Security. (2005)
31. Wallace, M.: Practical applications of constraint programming. Constraints 1(1-2) (1996) 139-168
32. Millen, J., Schwartz, M.: The cascading problem for interconnected networks. In: 4th Aerospace Computer Security Applications Conference, IEEE CS Press (1988) 269-273
33. Branstad, M., et al.: Trusted Mach design issues. In: Proceedings Third Aerospace Computer Security Conference. (1987)
34. U. S. Department of Defense: Trusted computer system criteria. Technical Report CSCSTD-001-83, U. S. National Computer Security Center (1983)
35. Horton, R., et al.: The cascade vulnerability problem. Journal of Computer Security 2(4) (1993) 279-290
36. Bistarelli, S., Montanari, U., Rossi, F.: Semiring-based Constraint Solving and Optimization. JACM 44(2) (I 997) 201-236
37. Blakley, G., Kienzle, D.: Some weaknesses of the TCB model. In: IEEE Symposium on Security and Privacy, IEEE CS Press (1997)
38. Fitch, J., Hoffman, L.: A shortest path network security model. Computers and Security 12 (1993) 169-189