Brinkley DL, Schell RR. Concepts and Terminology for Computer Security. In: Abrams, Jajodia, and Podell, ed. Information Security: An Integrated Collection of Essays, Los Alamitos, CA: IEEE Computer Society Press, 1995, pp. 40--97.  Home/Search   Document Not in Database   Summary   Related Articles   Check

....security, dealing with formal security policy models that can be proven to prevent access violations. Models for computer security have proven ecient in designing secure computer systems, and with the aid of cryptography, formal models have been successfully applied in networked environments [6]. A system can be composed of potentially recursive partitions, where each partition has consists of a trusted computing base (TCB) that implements the access control facility. Assuming each partition is secure, it can be shown that under certain conditions, the set of partitions is also secure. ....

D. L. Brinkley and R. R. Schell. Concepts and terminology for computer security. In M. D. Abrams, S. Jajodia, and H. J. Podell, editors, Information Security, An Integrated Collection of Essays, pages 40 - 97. IEEE Computer Society Press, 1995.

....It refers to the protection of information assets against violations of confidentiality, integrity, and availability against different threats. There is no generally agreed definition of the security of information systems, and some critics has targeted on this division (see for example [4] or [7] for details) but for the purposes of this paper, it is satisfactory. More important than the exact definition of information security are the types of protection measures required to provide comprehensive protection of information. Technical protection measures are not alone enough, but a more ....

D.D. Brinkley and R.R. Schell. "Concepts and terminology for computer security". In M.D. Abrams, S. Jajodia, and H.J. Podell, (ed.), Information Security: An Integrated Collection of Essays, pp. 98-110. IEEE Computer Society Press, Los Alamitos, CA, 1995.

....measures by allowing other essential characteristics of systems to be specified and making security requirements conditionally dependent on these characteristics. Information security requirements should be classified very sensitive since they may disclose weaknesses of systems security [Brinkley and Schell, 1995]. Continuous processing of requirements makes the system vulnerable to unauthorized disclosure or modification that may lead to an intentional reduction of the level of system security, hence making it more vulnerable to deliberate attacks. To prevent unauthorized modification, an access control ....

....for establishing and testing the security of systems but the approach taken in this report is significantly different. Instead of protecting information flows within a computer system, the focus will be on the protection of the design of documents of a secure system. This protection is essential [Brinkley and Schell, 1995] but has not been formally approached. Our threat scenario consists of unauthorized entities gaining access to security development documents, and then either disclosing those documents or modifying them to reduce the level of target security. Confidentiality of requirement flows is protected ....

Brinkley, D. L. and Schell, R. R. (1995). Concepts and terminology for computer security. In Abrams, Marshall D., Jajodia, Sushil, and Podell, Harold J., editors, Information Security - An Integrated Collection of Essays. IEEE Computer Society Press, Los Alamitos, CA, USA.

....design that provides a flexible means of addressing the variety of security requirements of different application domains. 1 Introduction Security design refers to the interfaces and services that must be incorporated into the system to enable addressing of different security requirements [5]. The security design must be such that it enables verification and validation of the security enforcement to achieve high assurance. Assurance refers to the confidence that the security enforcement is appropriate. A number of generic considerations must be addressed by the security design to ....

D. L. Brinkley and R. R. Schell. Concepts and terminology for computer security. In Information Security, An Integrated Collection of Essays, volume Abrams, Marshall D. and Jajodia, Sushil and Podell, Harold J., pages 40--97. IEEE Computer Society Press, Los Alamitos, CA, USA, 1995.

....subject, mail spool daemons at each security level instantiated in the system can read mail from buffers used by the multilevel subject. The use of a trusted subject to sort mail by access class is justified in that it is not complex and satisfies the definition of a classic security guard [4]. Mail spool to individual in boxes movement The movement of mail from the spool to an individual s in box is usually invoked by a getmail command issued by the client or user agent. If the client is running at a high security level, then the user should be able to see new mail at all access ....

D. L. Brinkley and Schell, R. R., Concepts and Terminology for Computer Security, in Information Security: An Integrated Collection of Essays, ed. Abrams and Jajodia and Podell, IEEE Computer Society Press, Los Alamitos, CA, 1995, pp. 40-97.

....a policy enforcement mechanism is always invoked, cannot be modified by unauthorized individuals, and is inspectable so that one can assess whether or not it works correctly is applicable over a broad range of security policies and mechanisms. This allows us to pursue a theory of computer security [7] and a corresponding engineering discipline. This also demonstrates that it is possible to design systems which are less susceptible to recurrent cycles of penetrations and patches [12] U) REFERENCE MONITOR EXAMPLE (U) In any system it is assumed that there are active entities, in computer ....

D. L. Brinkley and Schell, R. R., Concepts and Terminology for Computer Security, in Information Security: An Integrated Collection of Essays, ed. Abrams and Jajodia and Podell, IEEE Computer Society Press, Los Alamitos, CA, pp 40-97, 1995.

....Because the book had no homework problems, we had to devise all homework sets ourselves. Below is a brief outline of the topics covered in the NPS CISR version of Introduction to Computer Security. The references are to the supplementary reading assigned for each topic. One of the articles [7] is assigned over several weeks, because it covers a number of topics. Introduction to Computer Security Definition, laws, historical perspective. Access Control I Policies, Identification and Authentication, Discretionary Access Control [7] Access Control II Mandatory Access Control ....

....assigned for each topic. One of the articles [7] is assigned over several weeks, because it covers a number of topics. Introduction to Computer Security Definition, laws, historical perspective. Access Control I Policies, Identification and Authentication, Discretionary Access Control [7] . Access Control II Mandatory Access Control and Supporting Policies [7] Building Secure Systems I Design and Implementation concepts that support assurance [3] Malicious Software and Intrusion Detection Trojan Horses, viruses, worms, detecting attacks. 9] Certification and ....

[Article contains additional citation context not shown here]

Brinkley,D. L., and Schell, R. R., Concepts and Terminology for Computer Security, in Information Security: An Integrated Collection of Essays, ed. Abrams and Jajodia and Podell, IEEE Computer Society Press, Los Alamitos, CA, pp. 40-97, 1995.

....and the U.S. industry has sold globally much of the generic technology that can be used to strike these targets. The challenge is to design, develop and deploy complex systems with confidence in their ability to satisfy security requirements. Fortunately, a Theory of Computer Security [8] has emerged that has three components: a precisely articulated security policy describing the mangement, protection, and distribution of sensitive information by an organization, a set of functional mechanisms sufficient to enforce the policy, and assurance that the mechanisms do enforce the ....

.... of security, we can increase the likelihood that our next generation of information technology workers will have the background they need to design and develop systems which are engineered to be reliable and secure that they are designed to protect information in the face of malicious software [8]. The security community has long embraced the concepts of requirements, policies, specifications, application of best implementation practices, assessment, and certification. When looking at curriculum development, analogous notions hold. These educational notions include: ffl identification of ....

D. L. Brinkley and R. R. Schell. Concepts and Terminology for Computer Security. In Abrams, Jajodia, and Podell, editors, Information Security: An Integrated Collection of Essays, pages 40 -- 97. IEEE Computer Society Press, Los Alamitos, CA, 1995.

No context found.

Brinkley DL, Schell RR. Concepts and Terminology for Computer Security. In: Abrams, Jajodia, and Podell, ed. Information Security: An Integrated Collection of Essays, Los Alamitos, CA: IEEE Computer Society Press, 1995, pp. 40--97.

No context found.

Brinkley, D.L, Schell, R. R. (1995b) Concepts and Terminology for Computer Security. In: Abrams, Jajodia, and Podell, ed. Information Security: An Integrated Collection of Essays, Los Alamitos, CA: IEEE Computer Society Press, pp. 40--97.

No context found.

D.L. Brinkley and R.R. Schell, "Concepts and Terminology for Computer Security," Information Security: An Integrated Collection of Essays, IEEE CS Press, Los Alamitos, Calif., 1995, pp. 40-97.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC