McLean, J., Is the Trusted Computing Base Concept Fundamentally Flawed? In Proceedings of the IEEE Symposium on Security and Privacy, pp 2, Oakland, CA, May 1997, IEEE Computer Society Press.  Home/Search   Document Not in Database   Summary   Related Articles   Check

....the IEEE Symposium on Security and Privacy held a debate concerning the effectiveness of the Reference Monitor Concept in modern system development environments. The contest was won, by a large margin by those claiming that this abstraction continues to be an effective model for secure systems [15, 3, 20]. The Reference Monitor Concept as a Unifying Principle in Computer Security Education 3 Monitor Concept The answer is simple. It is a paradigm that we know works. Is an educational program based upon the Reference Monitor Concept relevant One might argue that market factors in computing ....

....have well articulated secrecy policies for information of various sensitivity levels. This permits us to examine these policies and determine how they can be expressed as technical policies in formal models. Considerable research has been conducted in the area formal models, for example [2, 4, 15]. Broad classes of policies are introduced to students: discretionary, information flow, work flow, etc. Beginning courses provide an overview of policies and models, while students in advanced courses study selected models in detail. By reading seminal papers, they explore the theoretical ....

McLean, J., Is the Trusted Computing Base Concept Fundamentally Flawed? In Proceedings of the IEEE Symposium on Security and Privacy, pp 2, Oakland, CA, May 1997, IEEE Computer Society Press.

....com 2 mercial OS vendors to choose to not use TCB ideas, or at best pay lip service to them by deploying trusted systems that are too large to formally verify. This has generated enough controversy to be the subject of a formal debate at the 1997 IEEE Symposium on Security and Privacy [ 2, 14,19]. If formal verification is not feasible, developers that care somewhat about security strive to minimize security bugs with a variety of debugging and bug minimization techniques, such as strict coding practices, red teaming, and fault injection. Resorting to debugging techniques does not ....

John McLean. Is the Trusted Computing Base concept fundamentally Flawed? In Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, May 1997.

....made by a central authority called reference monitor. The idea is that access requests go through a trusted system component that decides if they should be allowed. The authority can, for example, be an operating system or a database manager. The reference monitor concept cannot easily be adapted [20, 7, 25] to the highly distributed systems built around today s data communications networks [16, 26] In the network, a virtually unlimited number of local authorities can set up and administer access to their own resources. Furthermore, from each host s viewpoint, the network can be divided into areas ....

John McLean. Is the trusted computing base concept fundamentally AEawed? In Proc. 1997 IEEE Symposium on Security and Privacy, page 2, Oakland, CA, May 1997. IEEE Computer Society Press.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC