Verification of a formal security model for multiapplicative smart cards

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 1895, Issue , 2000, Pages 17-36

  Schellhorn, Gerhard ^a   Reif, Wolfgang ^a   Schairer, Axel ^b   Karger, Paul ^c   Austel, Vernon ^c   Toll, David ^c  

^a UNIVERSITY OF AUGSBURG   (Germany)

^b GERMAN RESEARCH CENTER FOR ARTIFICIAL INTELLIGENCE DFKI   (Germany)

^c IBM T J WATSON RESEARCH CENTER   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

SECURITY SYSTEMS;

FORMAL SECURITY MODELS; INTRANSITIVE NONINTERFERENCE; NEW APPLICATIONS; SECURITY ASPECTS; SECURITY MODELING; SECURITY POLICY;

SMART CARDS;

EID: 84944051800     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/10722599_2     Document Type: Conference Paper

References (19)

1. L. Badger, D. F. Sterne, D. L. Sherman, K. M. Walker, and S. A. Haghighat. Practical domain and type enforcement for UNIX. In 1995 IEEE Symposium on Security and Privacy, pages 66-77, Oakland, CA, May 1995. URL:http://www.tis.com/docs/research/secure/securedteproj2.html.
2. D. E. Bell and L. J. LaPadula. Secure Computer Systems: Unified Exposition and Multics Interpretation. Technical Report ESD-TR-75-306, The MITRE Corporation, HQ Electronic Systems Division, Hanscom AFB, MA, March 1976. URL:http://csrc.nist.gov/publications/history/bell76.pdf.
3. K. J. Biba. Integrity Considerations for Secure Computer Sytems. Technical Report ESD-TR-76-372, The MITRE Corporation, HQ Electronic Systems Division, Hanscom AFB, MA, April 1977.
4. W. E. Boebert and R. Y. Kain. A practical alternative to hierarchical integrity policies. In 8th National Computer Security Conf., pages 18-27, Gaithersburg, MD, 1985. National Computer Security Center and National Bureau of Standards.
5. D. Hutter, H. Mantel, G. Rock, W. Stephan, A. Wolpers, M. Balser, W. Reif, G. Schellhorn, and K. Stenzel. Vse: Controlling the complexity in formal software developments. In Applied Formal Methods - FM-Trends 98. LNCS 1641, 1998.
6. Identification cards - identification cards - interrelated circuit(s) cards with contacts - part 4: Inter-industry commands for interchange. ISO/IEC 7816-4, International Standards Organization, 1995.
7. Information technology - security techniques - evaluation criteria for IT security. ISO/IEC 15408, International Standards Organization, 1999. URL:http://csrc.nist.gov/cc.
8. ITSEC. Information Technology Security Evaluation Criteria, Version 1.2. Office for Official Publications of the European Communities, Brussels, Belgium, 1991.
9. P. A. Karger, V. Austel, and D. Toll. A new mandatory security policy combining secrecy and integrity. RC 21717, IBM Research Division, T. J. Watson Research Center, Yorktown Heights, NY, 15 March 2000. URL:http://domino.watson.ibm.com/library/CyberDig.nsf/home.
10. P. A. Karger, V. Austel, and D. Toll. Using a mandatory secrecy and integrity policy on smart cards and mobile devices. In (EUROSMART) Security Conference, pages 134-148, Marseille, France, 13-15 June 2000. RC 21736 available at http://domino.watson.ibm.com/library/CyberDig.nsf/home.
11. F. Koob, M. Ullmann, S. Wittmann, G. Schellhorn, W. Reif, A. Schairer, and W. Stephan. A generic security model for multiapplicative smart cards - final report of the SMaCOS project. to appear as BSI report.
12. T. F. Lunt, P. G. Neumann, D. Denning, R. R. Schell, M. Heckman, and W. R. Shockley. Secure distributed data views - vol.1: Security policy and policy interpretation for a class A1 multilevel secure. Technical Report SRI-CSL-88-8, SRI International, Menlo Park, CA, August 1988.
13. J. McLean. Security models. In J. Marciniak, editor, Encyclopedia of Software Engineering. Wiley & Sons, 1994. URL:http://chacs.nrl.navy.mil/publications/CHACS.
14. Elliott I. Organick. The Multics System: An Examination of Its Structure. The MIT Press, Cambridge, MA, 1972.
15. Philips semiconductors and IBM research to co-develop secure smart cards: Highly secure operating system and processor, suitable for multiple applications. URL:http://www.semiconductors.philips.com/news/content/file384.html, Feb. 1999.
16. J. Rushby. Noninterference, Transitivity, and Channel-Control Security Policies. Technical Report CSL-92-02, SRI International, Menlo Park, CA, 1992. URL:http://www.csl.sri.com/˜rushby/reports/csl-92-2.dvi.Z.
17. R. Schell, T. F. Tao, and M. Heckman. Desingning the GEMSOS security kernel for security and performance. In 8th National Computer Security Conference, pages 108–119, Gaithersburg, MD, 30 September - 3 October 1985. DoD Computer Security Center and National Bureau of Standards.
18. L. J. Shirley and R. R. Schell. Mechanism sufficiency validation by assignment. In 1981 Symposium on Security and Privacy, pages 26-32, Oakland, CA, 27-29 April 1981. IEEE Computer Society.
19. D. F. Sterne and G. S. Benson. The controlled application set paradigm for trusted systems. In 1995 National Information Systems Security Conference, Baltimore, Maryland, 1995. National Computer Security Center and National Institute of Standards and Technology. URL:http://www.tis.com/docs/research/secure/securedteproj2.html.