O.S. Saydjari, J.M. Beckman, and J.R. Leaman. LOCKing computers securely. In 10th National Computer Security Conference, Baltimore, Maryland, pages 129--141, 21-24 September 1987.  Home/Search   Document Not in Database   Summary   Related Articles   Check

....calls but requires the infrastructure from the Flask Fluke environment and is therefore di#cult to adapt to a COTS environment. The approach of clearly segregating policy and enforcement at the level of a host operating system was articulated in the Synergy [8] project and its precursors [22] and can be found in most of the related work discussed above; the ERM ECRM mechanism simply moves the already separated parts into di#erent nodes on a network with distinct roles and permits a consistent enforcement of a given security policy. VIII. Outlook and Future Work Our group has been ....

O. S. Saydjari, J. M. Beckman, and J. R. Leaman, "Locking Computers Securely," in Proc. 10th NIST-NCSC National Computer Security Conference, 1987, pp. 129--141.

....general I O mechanisms we propose to use object labeling in conjunction with encryption at this level as the tool to achieve this goal. This enforcement mechanism is part of a larger system that segregates security policy determination and decisions based on such policy rules from enforcement [18, 10, 12], but does so at the level of network nodes, i.e. there exists a set of servers that provide consistent policy information to all systems within the protected set of nodes. This paper concentrates on a description of the implementation of the file system security enforcement component on the ....

O. S. Saydjari, J. M. Beckman, and J. R. Leaman. Locking Computers Securely. In Proc. 10th NIST-NCSC National Computer Security Conference, pages 129--141, 1987.

....for direct implementation, and the optimisations and variations in use normally sacrifice useful properties, such as reflexivity over controls. Domain and type enforcement was developed to protect system integrity in military systems and dynamic configuration was not a goal of the early work [3,9]. Though recently it has been mentioned [11] as goal of future work. Elsewhere we have argued that the domain and type enforcement model is a useful approach to security in micro kernel based systems [10] The separation of domain domain and domain type controls originated in this work, as the ....

Sami Saydjari, O., J. Beckman and J. Leaman, LOCKing Computers Securely In Proc. 10th DoD/NBS Computer Security Conference, Gaithersburg, MD. September 1987. pp 129-140.

....to maintain the replicas. It is important to remember that while the replicated architecture uses distributed database system technology, the replicated architecture is for centralized database systems and not for distributed systems. It could be implemented on a single machine such as LOCK [22]. Figure 1 illustrates the basic SINTRA architecture. Notice that the low data appears at all backends, blue data at the blue and high backends, etc. Figure 1. The Replicated Architecture For this paper, our mathematical model of the SINTRA architecture consists of a finite set of passive ....

O. Saydjari, J. Beckman, and J.Leaman, "Locking Computers Securely", Proceedings of the 10th National Computer Security Conference, NBS, 1987, pp. 129-141.

.... executable (instructions) Both new systems designed to meet strong security policies and enhancements to existing systems use this method. Boebert and Kain [18] have proposed labelling subjects and objects in the Logical Coprocessor Kernel or LOCK (formerly the Secure Ada Target or SAT) 17] 61][112][113] a system designed to meet the highest level of security under the Department of Defense criteria [43] Once compiled, programs have the label data, and cannot be executed until a sequence of specific, auditable events changes the label to executable. After that, the program cannot be ....

O. Saydjari, J. Beckman, and J. Leaman, "Locking Computers Securely," Tenth National Computer Security Conference Proceedings (Sep. 1987) pp. 129-141.

.... 3 Type Enforcement SAT type enforcement was presented as a security mechanism in A Practical Alternative to Hierachical Integrity Policies [4] also see Modeling Database Security Requirements [5] Type enforcement is also an element of the LOCK system currently under development at SCTC [6]. 3.1 The Definition of Type Enforcement The basic concept of type enforcement is that the object space is partitioned into equivalence classes based on the integrity properties of objects. Each equivalence class is called an object type. Thus all the objects of a given type exhibit the same set ....

O. Sami Saydjari, J. Beckman, and J. Leaman. "LOCKing Computers Securely". Proceedings of the 10th DoD/NBS Computer Security Conference, pages 129--140, Gaithersburg, MD, September 1987.

No context found.

O.S. Saydjari, J.M. Beckman, and J.R. Leaman. LOCKing computers securely. In 10th National Computer Security Conference, Baltimore, Maryland, pages 129--141, 21-24 September 1987.

No context found.

O. Sami Saydjari, J.M. Beckman and J.R. Leaman. "Locking Computers Securely," in Proc. 10th Nat. Computer Security Conf., pp. 129141, Baltimore MD, USA, 1987.

No context found.

O.S. Saydjari, J.M. Beckman, and J.R. Leaman. LOCKing computers securely. In 10th National Computer Security Conference, Baltimore, Maryland, pages 129-141, 21-24 September 1987.

No context found.

SAYD87 Saydjari, O. S. and J. M. Beckman, "Locking Computers Securely," 10th National Computer Security Conference, pp. 129-141, NCSC/ICST, September 1987.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC