ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Towards security labelling
Full text PdfPdf (202 KB)
Source ACM International Conference Proceeding Series; Vol. 171 archive
Proceedings of the 29th Australasian Computer Science Conference - Volume 48 table of contents
Hobart, Australia
Pages: 69 - 76  
Year of Publication: 2006
ISBN ~ ISSN:1445-1336 , 1-920682-30-9
Authors
Chuchang Liu  Information Networks Division, Defence Science and Technology Organisation, Edinburgh, SA, Australia
Mehmet A. Orgun  Department of Computing, Macquarie University, Sydney, NSW, Australia
Publisher
Australian Computer Society, Inc.  Darlinghurst, Australia, Australia
Bibliometrics
Downloads (6 Weeks): 1,   Downloads (12 Months): 11,   Citation Count: 1
Additional Information:

abstract   references   cited by   index terms   collaborative colleagues  

Tools and Actions: Review this Article  

ABSTRACT

Security labels are applied for numerous reasons, including the handling of data communicated between open systems. The information contained within a security label can be utilised to perform access control decisions, specify protective measure, and aid in the determination of additional handling restrictions required by a communications security policy. This paper concerns the issues regarding security labelling in open systems. We propose a security labelling framework for such systems; and further, based on this framework, we develop a mechanically checkable model for security labelling systems and discuss its implementation issues. This model provides a functional base for future design and implementation of security labelling systems.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
FIPS PUB 188. (1994), Standard Security Label for Information Transfer. Available from www.itl.nist.gov/fipspubs/fipl88.htm.
 
2
ISO/IEC 7498-1 (1994), Information Technology - Open Systems Interconnection - Basic Reference Model: The Basic Model. ISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission).
 
3
AusCert, Deloitte Touche Tohmatsu. (2002), Australian Computer Crime and Security Survey. http://www.auscert.org.au/Information/ Auscert_info/2002cs.pdf.
 
4
Bell, D. E. & LaPadula, L. J. (1976), Secure Computer System: Unified exposition and Multics interpretation. MTR-2997, MITRE, Bedford, MA.
 
5
Biba, K. J. (1977), Integrity Consideration for Secure Computer Systems. MTR-3153, The Mitre Corporation.
 
6
Internet CIPSO Working Group. (1993), Common IP Security Option Version 2.3. Internet Draft.
7
Nevin Heintze , Jon G. Riecke, The SLam calculus: programming with secrecy and integrity, Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, p.365-377, January 19-21, 1998, San Diego, California, United States  [doi>10.1145/268946.268976]
 
8
Housley, R. (1993), Security Labeling Framework for the Intenet. Internet RFC 1457, May 1993.
 
9
ITU-T Recommendation X.841 (2000), Information technology - Security Techniques - Security information objects for access control.
 
10
McCabe, K., Rassenti, S. & Smith, V. (1996), Game theory and reciprocity in some extensive form experimental games. Proceeding of The National Academy of Science, 93:13421-13428.
11
Andrew C. Myers , Barbara Liskov, Protecting privacy using the decentralized label model, ACM Transactions on Software Engineering and Methodology (TOSEM), v.9 n.4, p.410-442, Oct. 2000  [doi>10.1145/363516.363526]
 
12
M. K. Reiter , S. G. Stubblebine, Toward acceptable metrics of authentication, Proceedings of the 1997 IEEE Symposium on Security and Privacy, p.10, May 04-07, 1997
 
13
Bruce Schneier, Secrets & Lies: Digital Security in a Networked World, John Wiley & Sons, Inc., New York, NY, 2000
 
14
Adrian Spalka , Armin B. Cremers , Hartmut Lehmler, Protecting Confidentiality against Trojan Horse Programs in Discretionary Access Control System, Proceedings of the 5th Australasian Conference on Information Security and Privacy, p.1-17, July 10-12, 2000
15
Steve Zdancewic , Lantian Zheng , Nathaniel Nystrom , Andrew C. Myers, Untrusted hosts and confidentiality: secure program partitioning, Proceedings of the eighteenth ACM symposium on Operating systems principles, October 21-24, 2001, Banff, Alberta, Canada
 
16
Zheng, L. & Myers, A.C. (2004), Dynamic security labels and noninterference. In Proceedings of the 2nd International Workshop on Formal Aspects in Security and Trust (FAST), Toulouse, France.

CITED BY
 
Chuchang Liu , Angela Billard , Maris Ozols , Nikifor Jeremic, Access control models and security labelling, Proceedings of the thirtieth Australasian conference on Computer science, p.181-190, January 30-February 02, 2007, Ballarat, Victoria, Australia

INDEX TERMS

Primary Classification:
  C. Computer Systems Organization
  C.2 COMPUTER-COMMUNICATION NETWORKS
      C.2.0 General
          Subjects: Security and protection (e.g., firewalls)

Additional Classification:
  C. Computer Systems Organization
  C.2 COMPUTER-COMMUNICATION NETWORKS
      C.2.0 General
          Subjects: Open Systems Interconnection reference model (OSI)
      C.2.3 Network Operations
          Subjects: Network management; Network monitoring

  K. Computing Milieux
  K.6 MANAGEMENT OF COMPUTING AND INFORMATION SYSTEMS
      K.6.5 Security and Protection (D.4.6, K.4.2)


General Terms:
Algorithms, Design, Security


Keywords:
label validation, open systems, security labelling, security policy

Collaborative Colleagues:
Chuchang Liu: colleagues
Mehmet A. Orgun: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player