
The development and proof of a formal specification for a multilevel secure system

Janice I. Glasgow, Glenn H. MacEwen
1987 ACM Transactions on Computer Systems  
Not only does the formality promote precision, but it enables the proof of any formal specifications, and perhaps of any implementation, for the system.  ...  This paper describes current work on the design and specification of a multilevel secure distributed system called SNet.  ...  ACKNOWLEDGMENTS The authors are extremely indebted to the three anonymous referees who provided complete and insightful comments on the first version of this paper.  ... 
doi:10.1145/13677.22724 fatcat:cq7n4yzdcbebrmqboidvyfofxm

Proving multilevel security of a system design

R. J. Feiertag, K. N. Levitt, L. Robinson
1977 Proceedings of the sixth symposium on Operating systems principles - SOSP '77  
The less general model relates well to design specifications and permits straightforward proof of the security of a system design. The correspondence between the two models is easily demonstrated.  ...  The two models when applied appropriately are more useful for defining and proving the multilevel security of systems than existing models.  ...  ACKNOWLEDGMENTS Peter Neumann, the leader at SRI of the project under which the SOM was developed, provided the authors with many critical comments.  ... 
doi:10.1145/800214.806547 dblp:conf/sosp/FeiertagLR77 fatcat:oi4qwkdmtrcq3o22j2fbqt3w5y

Reflections on the verification of the security of an operating system kernel

Jonathan M. Silverman
1983 Proceedings of the ninth ACM symposium on Operating systems principles - SOSP '83  
First, it is for a complete implementation of a commercially available secure computer system.  ...  This paper discusses the formal verification of the design of an operating system kernel's conformance to the multilevel security property.  ...  This paper discusses an experience in the use of formal methods for the development of an operating system security kernel.  ... 
doi:10.1145/800217.806623 dblp:conf/sosp/Silverman83 fatcat:vdjp2feqdfanrfy4syvuprbl7i

Reflections on the verification of the security of an operating system kernel

Jonathan M. Silverman
1983 ACM SIGOPS Operating Systems Review  
First, it is for a complete implementation of a commercially available secure computer system.  ...  This paper discusses the formal verification of the design of an operating system kernel's conformance to the multilevel security property.  ...  This paper discusses an experience in the use of formal methods for the development of an operating system security kernel.  ... 
doi:10.1145/773379.806623 fatcat:ztlv4o26rvdenfp7fkhmuwyxxu

Guest Editors' Note

1987 IEEE Transactions on Software Engineering  
Our work was simplified by the following people who, as members of the Program Committee of the 1986 IEEE Symposium on Security and Privacy, reviewed most of the papers included here.  ...  In the security models area, the paper by Denning et al. presents a model of multilevel security for relational database systems.  ...  of operating systems and hardware protection mechanisms as bases for the development of secure computer systems.  ... 
doi:10.1109/tse.1987.232888 fatcat:yabfbkhcurd6ngbh2fqxtwjfh4

Comparison Paper between the Bell and LaPadula Model

Tad Taylor
1984 1984 IEEE Symposium on Security and Privacy  
This paper provides a brief explanation of the two most cited models in the field of computer security and points out the basic differences between them.  ...  There is a common misconception in the field that the MLS tool for HDM is designed to be an implementation of the Bell and LaPadula model.  ...  Establishing multilevel security for a specific specification in SPECIAL involves writing a set of specifications that completely specify the external interface of the system.  ... 
doi:10.1109/sp.1984.10021 dblp:conf/sp/Taylor84 fatcat:urnktgxa4jbvtg27iyjy5mxogi

Lessons Learned from Building a High-Assurance Crypto Gateway

Clark Weissman, Timothy Levin
2011 IEEE Security and Privacy  
Most modern large-scale systems employ a complex organization of distributed components  ...  Acknowledgments Steven Greenwald and Cynthia Irvine helped considerably in reviewing a preliminary version of this document. Brant Hashii built much of eSS.  ... 
doi:10.1109/msp.2010.201 fatcat:k5zvshjmbndstgqtjt43ohdxzy

Mathematics, technology, and trust: formal verification, computer security, and the U.S. military

D. MacKenzie, G. Pottinger
1997 IEEE Annals of the History of Computing  
A distinctive concern in the U.S. military for computer security dates from the emergence of time-sharing systems in the 1960s.  ...  The paper examines the connections between computer security and formal, deductive verification of the properties of computer systems.  ...  Science and Engineering Research Council/Safety Critical Systems Research Programme (GR/J58619). Additional support was provided by the U.S. Navy through the Naval Research Laboratory and by the U.S.  ... 
doi:10.1109/85.601735 fatcat:zba5ya33yvg5rcqquxhovwfycm

Secure Database Development [chapter]

Jan Jurjens, Eduardo B. Fernandez
2014 Encyclopedia of Database Systems  
For the database community the words secure database design may refer to the schema design to produce a database for a specific application with some level of security properties.  ...  There is a large amount of literature on this latter subject and a related section in this encyclopedia (Database security).  ...  Applications including secure databases Since this approach is tailored to the application, one can add the required level of security using formal proofs when necessary.  ... 
doi:10.1007/978-1-4899-7993-3_329-2 fatcat:ybhrxoe46rebxakmfby4xdwwcq

Secure Interoperation of Secure Distributed Databases [chapter]

Fred Gilham, R. A. Riemenschneider, Victoria Stavridou
1999 Lecture Notes in Computer Science  
Are the transformation verification techniques that we have developed sufficient for verifying a collection of transformations adequate for implementing complex secure architecture?  ...  This paper describes the process of implementing an architecture for secure distributed transaction processing, the process of verifying that it has the desired security properties, and the implementation  ...  Specifically, we added the constraint that the system must satisfy a multilevel secure access control policy.  ... 
doi:10.1007/3-540-48119-2_39 fatcat:3cjierxlwfhonorjgsmx652h6q

On the Verification of Intransitive Noninterference in Mulitlevel Security

N. BenHadj-Alouane, S. Lafrance, F. Lin, J. Mullins, M.M. Yeddes
2005 IEEE Transactions on Systems Man and Cybernetics Part B (Cybernetics)  
In this paper, we generalize the results for systems with any finite number of security levels by developing a direct method for checking -observability, based on an insightful observation that the function  ...  INI can be used to characterize and solve several important security problems in multilevel security systems.  ...  Intransitive Noninterference in Multilevel Systems To formally define INI, let us consider a set of security domains, a set of events partitioned over these domains, de-scribed by the mapping , and an  ... 
doi:10.1109/tsmcb.2005.847749 pmid:16240770 fatcat:lo7nke3qzrg33blorte43bql6a

Twelfth National Computer Security Conference - Baltimore, MD - October 10-13, 1989

E.B. Lennon
1990 Journal of Research of the National Institute of Standards and Technology  
for the Honeywell LOCK project; the formal specification of security aspects of a messaging system architecture; a Secure Distributed Operating System (SDOS) prototype; a high B level security architecture  ...  Penelope is a prototype Ada verification editor whose user interactively and concurrently develops specifications of programs, their Ada text, and proofs of their verification conditions.  ... 
doi:10.6028/jres.095.023 pmid:28179774 pmcid:PMC4930047 fatcat:2nvckbuabrg2phfmx6s7lh6ezu

The SeaView security model

T.F. Lunt, D.E. Denning, R.R. Schell, M. Heckman, W.R. Shockley
1990 IEEE Transactions on Software Engineering  
This paper describes a formal security model for such a system.  ...  A multilevel database is intended to provide the security needed for database systems that contain data at a variety of classifications and serve a set of users having different clearances.  ...  This paper presents a formal security policy model for a secure multilevel relational database system.  ... 
doi:10.1109/32.55088 fatcat:k26mscrplzetvofp7egqpubtse

An entropy conservation law for testing the completeness of covert channel analysis

Randy Browne
1994 Proceedings of the 2nd ACM Conference on Computer and communications security - CCS '94  
Covert channel analysis typically involves study of individual covert channels in isolation, and determining the thoroughness of such case-by-case analysis can be difficult.  ...  To help address this problem, this paper formally defines the notion of a "complete" set of covert channels.  ...  Designing Systems to Simplify Channel Analysis In as much as one might design a system to be reliable, maintainable, testable, or to support formal proof, one might also design a system with the specific  ... 
doi:10.1145/191177.191244 dblp:conf/ccs/Browne94 fatcat:3r62gqusljcddp7yaargutwblu

From a Proven Correct Microkernel to Trustworthy Large Systems [chapter]

June Andronick
2011 Lecture Notes in Computer Science  
The next big step in the challenge of building truly trustworthy systems is to provide a framework for developing secure systems on top of seL4.  ...  The seL4 microkernel was the world's first general-purpose operating system kernel with a formal, machine-checked proof of correctness.  ...  Acknowledgments The proof of the SAC mentioned above was conducted almost entirely by David Greenaway with minor contributions from Xin Gao, Gerwin  ... 
doi:10.1007/978-3-642-18070-5_1 fatcat:yeoqx3v4tnf5pakxffeucoslfe