Abstract:
A precise characterization is given for the class of security policies enforceable with mechanisms that work by monitoring system execution, and automata are introduced for specifying exactly that class of security policies. Techniques to enforce security policies specified by such automata are also discussed. Categories and Subject Descriptors: D.2.1 [Software Engineering]: Requirements/Specifications; D.2.9 [Software Engineering]: Management—Software configuration management;
Citations
|
552
|
Partial evaluation and automatic program generation
– Jones, Gomard, et al.
- 1993
|
|
433
|
Security policies and security models
– Goguen, Meseguer
- 1982
|
|
300
|
Defining liveness
– Alpern, Schneider
- 1985
|
|
278
|
Guarded commands, nondeterminacy, and formal derivation of programs
– Dijkstra
- 1975
|
|
228
|
Proving the correctness of multiprocess programs
– Lamport
- 1977
|
|
204
|
Formal Languages and Their Relation to Automata
– Hopcroft, Ullman
- 1969
|
|
146
|
SASI enforcement of security policies: A retrospective
– Erlingsson, Schneider
- 1999
|
|
125
|
Recognizing safety and liveness
– Alpern, Schneider
- 1987
|
|
124
|
A Logical Language for Expressing Authorizations
– Jajodia, Samarati, et al.
- 1997
|
|
62
|
Java Security: Present and Near Future
– Gong
- 1997
|
|
46
|
On the formal definition of separation-of-duty policies and their composition
– Gligor, Gavrila, et al.
- 1998
|
|
45
|
History-based access control for mobile code
– Edjlali, Acharya, et al.
- 1998
|
|
33
|
Verifying temporal properties without temporal logic
– Alpern, Schneider
- 1989
|
|
24
|
Providing Policy-Neutral and Transparent Access Control in Extensible Systems
– Grimm, Bershad
- 1998
|
|
12
|
A note on denial-of-service in operating systems
– GLIGOR
- 1984
|
|
1
|
Enforceable Security Policies • 49
– EVANS, A
- 1999
|
