Robert W. Baldwin. Rule Based Analysis of Computer Security. Technical report, Massachusetts Institute of Technology, June 1987.  Home/Search   Document Not in Database   Summary   Related Articles   Check

.... However, some view these effects as minimal [4] Intrusion detection systems, such as [118, 188, 106] also fall under this category, as do those that help assure that the security mechanisms are working correctly, such as the Kuang expert system that detects ways of breaking root in a Unix system [14]. On one hand, these are identical to detection safeguards. They attempt to deter or at least detect attacks, and while they will have clearly defined SAFE DD mechanisms, these alone have no impact on the flow analysis. Again, a passive monitor can not change the operation of the system. Their ....

....security hole which can exist for a long time before detection. Although 264 it is not the goal of this research to provide tools for detecting such errors, the proposed mechanisms should not preclude such analysis. If automated systems can simplify these tasks, so much the better. One example is [14]. Surveillance mechanisms must include immediate detection (threat monitoring) as well as long term detection (security audits) The security mechanisms must lend themselves to surveillance by authorized administrators. Constant surveillance serves two purposes. It is a disincentive to intruders ....

Baldwin, R. Rule based analysis of computer security. In Proc. CompCon Spring 87 (February 1987), IEEE Computer Society, pp. 227--33.

....and at very least implies that people with accounts on this machine will have accounts on the other machines mentioned in hosts.equiv. It also read the .rhosts file, which lists the set of machines that this machine trusts root access from. Note that it did not take advantage of the trust itself [19] but merely used the names as a list of additional machines to attack. Often, system managers will deny read access to this file to any user other than root itself, to avoid providing any easy list of secondary targets that could be used to subvert the machine; this practice would also have ....

R. W. Baldwin, Rule Based Analysis of Computer Security. PhD thesis, MIT EE, June 1987.

....Careful analysis should be performed in designing and implementing specific systems to identify specific additional weaknesses and their required countermeasures. Design, implementation, and use of auto mated tools for analyzing specific system weaknesses are useful, but still a research subject [1]. Three types of weaknesses affect all administrative roles to various degrees: 1) unauthorized modification of hardware and software system configuration Unauthorized changes of system configuration, including both hardware and software changes, can take place during all phases of a system ....

Baldwin, R. W., "Rule-Based Analysis of Computer Security," Technical Report MIT/LCS/TR-401, March 1988.

....system state may not necessarily be identical to a recovered state because, unlike a recovered state, the initial state may not contain any user visible objects. Thus, fewer invariants may be relevant for determining the security of the initial states. Tools such as the ones suggested in reference [2], for identifying vulnerabilities of certain system states, also may be useful both for establishing secure initial states and recovered states. Because some of the tools used for detecting insecure states and for repairing various system data structures place the TCB in maintenance mode (e.g. ....

Baldwin, R. W., Rule-Based Analysis of Computer Security, Massachusetts Institute of Technology, Cambridge, Massachusetts, Technical Report MIT/LCS/TR-401, March 1988.

....holes. Although the security constraints described here are written for the Unix operating system, we want to stress that the Mir o specification languages described in Section 2 can be applied to operating systems other than Unix. Also, as opposed to security systems like COPS [4] or U Kuang [1], the power of the Mir o system derives from the ease by which it allows users to express and check new security constraints. Since textual specifications are often plagued by errors [3, 12] we have attempted to develop specification languages that are more intuitive to use so that errors will be ....

....by associating an integer valued interval with the constraint. For each matching to the thick part of the constraint, we count the number of consistent extensions to the thin part of the constraint, and that number must fall in the specified interval. If no interval is specified, the default is [1, 1] ; this interval corresponds to the original semantics we described: for each thick matching, there must exist (i.e. be at least 1) consistent thin matching. The constraint named grp in 1 w (a) requires that every group is contained in exactly one world. However, it is still possible that a group ....

[Article contains additional citation context not shown here]

Robert W. Baldwin. Rule Based Analysis of Computer Security. PhD thesis, MIT, Cambridge, MA 02139, March 1988. Tech Report MIT/LCS/TR-401.

....least it is likely that people with accounts on this machine will have accounts on the other machines mentioned in etc hosts.equiv. It also reads the .rhosts file, which lists the set of machines that this machine trusts root access from. Note that it does not take advantage of the trust itself [25] but merely uses the names as a list of additional machines to attack. Often, system managers will deny read access to this file to any user other than root itself, to avoid providing any easy list of secondary targets that could be used to subvert the machine; this practice would have prevented ....

R. W. Baldwin, Rule Based Analysis of Computer Security. PhD thesis, MIT EE, June 1987.

No context found.

Robert W. Baldwin. Rule Based Analysis of Computer Security. Technical report, Massachusetts Institute of Technology, June 1987.

No context found.

Baldwin, Robert W., Rule Based Analysis of Computer Security, Massachusetts Institute of Technology, June 1987.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC