McLean, J., et. al, 'A Formal Statement of the MMS Security Model', Proceedings of the IEEE Symposium on Security and Privacy, April 1984. Home/Search Document Not in Database Summary Related Articles Check |
This paper is cited in the following contexts:
Specification and Verification of Security Policies - Peri (1996) Self-citation (Mclean) (Correct)
....alternative method to the one presented in [MCL94] for specifying and reasoning about the composition properties of the information flow predicates that is amenable to automatic theorem proving. 2. 2 Composition Properties of Information Flow Predicates In this section we present the trace model [MCL84] and describe McLean s approach to specifying and reasoning about the composition properties of information flow predicates. Chapter 2: Composition Properties of Information Flow Predicates 27 2.2.1 Trace Model A system S can be specified as a state transition system that consists of . a set of ....
....These policies, as defined, are representatives of a class of policies. For example, the MLS policy is a generic policy that is used primarily in military systems but no system enforces it exactly as defined in the literature. Major military information systems, such as CMW [CFG87] MMS [MCL84] and LOCK [BKY85] enforce policies that resemble the MLS policy at a very high level of abstraction. In these systems, the specification of the security policy is not independent of functional description of the system. As a result: the security policy is more difficult to identify and ....
McLean, J., et. al, 'A Formal Statement of the MMS Security Model', Proceedings of the IEEE Symposium on Security and Privacy, April 1984.
A Comment on the "Basic Security Theorem" of Bell and LaPadula* - John Mclean (1984) (9 citations) Self-citation (Mclean) (Correct)
....confidence in the security provided by systems based on this model is a theorem, called the Basic Security Theorem (BST) 1, p. 20] proven about a formalization of the model by its authors [1,p. 90, corollary A1] Several authors have proven similarly named theorems about related security models [3,4,5]. This note reviews the Bell LaPadula model briefly and shows that the BST can be proven for systems that directly contradict the notion of security embodied in the Bell LaPadula model. We conclude that the value of the BST is much overrated since there is a great deal more to security than it ....
J. McLean, C. E. Landwehr, and C. L. Heitmeyer, A formal statement of the MMS security model, Proc. 1984 Symposium on Security and Privacy, (IEEE Computer Society Press, 1984).
Online articles have much greater impact More about CiteSeer.IST Add search form to your site Submit documents Feedback
CiteSeer.IST - Copyright Penn State and NEC