T. M. P. Lee. Using Mandatory Integrity to Enforce "Commercial " Security. In Proceedings of the 1988.  Home/Search   Document Not in Database   Summary   Related Articles   Check

....into middleware (e.g. CORBA CORBASec) and because MAC can easily be expressed using RBAC, MAC can consequently be easily integrated into middleware such as CORBA CORBASec. 7.7. 4 Clark Wilson Furthermore, it has been argued that the Clark Wilson integrity model [28] can be supported using MAC [91, 150]. We have already shown above that MAC can be expressed well in the context of middleware, and consequently Clark Wilson can also be integrated into middleware such as CORBA CORBASec. 7.7.5 Chinese Wall It has also been demonstrated in [141] and [142] that the Chinese Wall policy, which prevents ....

T.M.P Lee. Using mandatory integrity to enforce "commercial" security. In Proceedings IEEE Computer Society Symposium on Security and Privacy, Oakland, CA, pages 140--146, May 1988.

....The liberal property is also referred to as write up and the strict property as non writeup or write equal. There are also variations of LBAC where the one directional information flow is partly relaxed to achieve selective downgrading of information or for integrity applications [Bel87, Lee88, Sch88] We now show how these two variations of LBAC can be simulated in RBAC. It turns out that we can achieve this by suitably changing the role hierarchy and defining appropriate constraints. This confirms that role hierarchies and constraints are central to defining policy in RBAC. 4.2 ....

T.M.P. Lee. Using mandatory integrity to enforce "commercial" security. In Proceedings of IEEE Symposium on Security and Privacy, pages 140--146, Oakland, CA, May 1988.

....with the same or a higher label. The lattice model, while precise, is not very intuitive or user friendly since access modes are implicit. It is not very flexible since the lattice structure dictates valid access modes. And, it only supports two different access modes, namely read and write [25, 11, 23, 9, 28]. The idea of domain and type enforcement as a more flexible and user friendly alternative to the lattice model is first developed by Boebert and Kain [8] They introduce the domain and type labels that represent an entity s privileges and access constraints and the access matrix that explicitly ....

Theodore M. P. Lee. Using Mandatory Integrity to Enforce "Commercial" Security. In Proceedings of the 1988 IEEE Symposium on Security and Privacy, pages 140--146, Oakland, California, April 1988.

.... integrity, confidentiality and integrity together, or for aggregation policies such as Chinese Walls [San93] There are also variations of LBAC where the one directional information flow is partly relaxed to achieve selective downgrading of information or for integrity applications [Bel87, Lee88, Sch88]. The mandatory access control policy is expressed in terms of security labels attached to subjects and objects. A label on an object is called a security classification, while a label on a user is called a security clearance. It is important to understand that a Secret user may run the same ....

....In variations of LBAC the simple security property is usually left unchanged as we will do in all our examples. Variations of the property in LBAC whereby the one directional information flow is partly relaxed to achieve selective downgrading of information or for integrity applications [Bel87, Lee88, Sch88] will be considered later. 4 CONFIGURING RBAC FOR LBAC We now show how different variations of LBAC can be simulated in RBAC. It turns out that we can achieve this by suitably changing the role hierarchy and defining appropriate constraints. This suggests that role hierarchies and constraints are ....

[Article contains additional citation context not shown here]

T.M.P. Lee. Using mandatory integrity to enforce "commercial" security. In Proceedings IEEE Computer Society Symposium on Security and Privacy, pages 140--146, Oakland, CA, May 1988.

....[19, 35] and appropriate security policies. Starting from multi level security [5, 12, 7] which has become part of the U.S. Department of Defense s standard for trusted computer systems [13] much attention has been directed towards mapping non military policies onto multi level security [23, 21], defining al9 ternative policies more suitable for commercial applications [8, 10, 9, 3, 2, 1] and expanding multi level security to be more flexible and powerful [24, 29] Based on the realization that no single security policy is appropriate for all environments, the DTOS effort [27, 31, 37, ....

T. M. P. Lee. Using Mandatory Integrity to Enforce "Commercial" Security. In Proceedings of the 1988 IEEE Symposium on Security and Privacy, pages 140-- 146, Oakland, California, April 1988.

....of new questions related to information security [21, 36] Although the analysis of security properties is the main theme of this work, the importance of integrity and availability should not be underestimated. Good starting points for the study of integrity and availability are, for example, [20, 23] and [43, 26] 2 1.1 Formal Models of Security In order to conduct a formal study of any interesting property of a concrete computing system, a well defined abstraction of the system is needed. The abstrcation describes all the relevant features of the actual system and lays the basis for ....

T. M. P. Lee. Using mandatory integrity to enforce "commercial" security. In 1988 IEEE Computer Society Symposium on Security and Privacy, pages 140--146, Oakland, USA, April 1988. IEEE.

No context found.

T. M. P. Lee. Using Mandatory Integrity to Enforce "Commercial " Security. In Proceedings of the 1988.

No context found.

T. M. P. Lee. Using Mandatory Integrity to Enforce "Commercial" Security. In Proceedings of the 1988.

No context found.

Lee88. T.M.P. Lee. Using mandatory integrity to enforce "commercial" security. In Proceedings IEEE Computer Society Symposium on Security and Privacy, pages 140--146, Oakland, CA, May 1988.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC