D.E. Bell and L.J. LaPadula, Secure Computer Systems, tech. report M74-244, Mitre Corporation, 1974.
....have been working on computer system security for at least 30 years. During this time there have been many intellectual successes. Notable among them are the subject/object access matrix model [11], access control lists [17], multilevel security using information flow [6, 13] and the star property [3], public key cryptography [14], and cryptographic protocols [1]. In spite of these successes, it seems fair to say that in an absolute sense, the security of the hundreds of millions of deployed computer systems is terrible: a determined and competent attacker could destroy most of the information ....
Bell and LaPadula, Secure computer systems. ESD-TR-73278 (Vol. I-III) (also Mitre TR-2547), Mitre Corporation, Bedford, MA, April 1974
....of predicates that depend on this term in any state of the system. Ideally, the policy specification language should be independent of the access control model and the mapping between them should define the security requirements of the system under consideration. The Bell and LaPadula model (BLP) [BL74] is an access control security model that enforces the MLS policy by the following two restrictions on the actions of the entities: An entity cannot read an entity at a higher level than itself (no read up) and an entity cannot write to an entity at a lower level than itself (no ....
Bell, D. E., LaPadula, L. J., 'Secure Computer Systems', Tech Rep. ESDTR -73-278, vols 1-3, MITRE, 1974.
....problem, alluded to in [30] in the security community is the use of off-the-shelf models. The use of formal methods was mandated very early on (1970s) for secure systems. At the time there was not much experience of formal specification and verification. Bell and La Padula introduced a model [31] of security access in file type systems. While this model covered a large number of cases, its popularity caused some designers to simply take the model and attempt to fit it to the situation at hand. Consequently it was applied to inappropriate systems. For example while it is generic for file ....
D.E. Bell and L.J. La Padula. Secure computer systems. Technical Report 2547, The MITRE Corporation, May-Dec 1973. vol I-III.
....access, the property controls access. The traditional, or liberal property requires that (o) s) The strict property, designed to prevent integrity problems as a result of write up , requires (o) s) A variation on the property, the trusted liberal property, introduced by Bell [11], designates separate labels for read and write, r and w respectively. The simple security rule is applied for r and the property for w . 2.2 MLS to RBAC Mapping A role can be thought of as a set of permissions on privileges. RBAC can then be implemented on an MLS system by establishing a ....
....access if the data written does not depend on the data read [10], reducing constraints on role assignment depending on the degree to which there is independence between read and write data in typical applications. Another approach worth investigating is the use of Bell's liberal property [11]. It would be interesting to investigate existing systems that have a need for both roles and MAC to evaluate the practical implementation of RBAC on real-world MLS system applications. 4 Conclusions Because of both cost and trust considerations, it is desirable to build RBAC systems on a proven ....
D.E. Bell. Secure computer systems. In Proceedings, 3rd annual computer security application conference, 1987.
No context found.
D.E. Bell and L.J. LaPadula, Secure Computer Systems, tech. report M74-244, Mitre Corporation, 1974.
No context found.
D.E. Bell, L. LaPadula. "Secure Computer Systems" ESD-TR-83-278, Mitre Corporation, vI and II (Nov 1973), vIII (Apr 1974).