The specification and implementation of “commercial” security requirements including dynamic segregation of duties

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

The specification and implementation of “commercial” security requirements including dynamic segregation of duties

Full text

Pdf (1.32 MB)

Source

Conference on Computer and Communications Security archive
Proceedings of the 4th ACM conference on Computer and communications security table of contents

Zurich, Switzerland

Pages: 125 - 134

Year of Publication: 1997

ISBN:0-89791-912-2

Author

Simon N. Foley

Department of Computer Science, University College, Cork, Ireland

Sponsor

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 8, Downloads (12 Months): 75, Citation Count: 7

Additional Information:

references cited by index terms collaborative colleagues

Tools and Actions:	Request Permissions Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/266420.266447 What is a DOI?

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	D. Bell. Secure computer systems: A networklnterpretatlon, In Proceedings of the Aerospace Computer Security Appll. cations Conference, pages 32-39. IEEE Computer Society Press, 1986.
	2	W. Bobert and R. Kain. A practical alternative to hierorchical integrity properties. In Proceedlng8 of lhe Nat{onal Computer Security Conference, pages 18-27, 1985.
	3	M. Branstad et al. Trusted Mach design issues. In Proceed. ing3 Third Aerospace Computer Security Oon/erence, 1987.
	4	D. Brewer and M. Nash. The Chinese Wall security policy. In Proceedings of the 1989 IEEE Symposium on Security and Privacy, pages 206-214. TREE Computer Society Pre0~, May 1989.
	5	C. Bryce. Lattice-based enforcement of access control policies. Technical Report 1011, GMD, Institute SET-RS, Sankt Augustin, Germany, Aug. 1996.
	6	D. D. Clark and D. R. Wilson. A comparison of commercial and military computer security models, In Proceedings 1987 IEEE Symposium on Security and Privacy, pages i84-194, IEEt~ Computer Society Press, Apr. 1987.
	7	Denning, D.E. On the derivation of lattice structured information flow policies. Technical Report CSD TR180, Purdue University, 1976.
	8	S. Foley. Building Chinese Walls in standard Unix, In Supplement to the Proceedings of the 1996 IEEE Symposium on Security and Privacy (Five-Minute Abstracts). Full length version submitted for publication.
	9	S. Foley. Aggregation and separation as noninterference properties. Journal of Computer Security, 1(2):159-188, 1992.
	10	S. Foley. Reasoning about confidentiality requirements. In Proceedings of the Computer Security Foundations Work. shop, pages 150-160, Franconia, NH, June 1994, IEEE Computer Society.
	11	Simon Foley , Li Gong , Xiaolei Qian, A Security Model of Dynamic Labeling Providing a Tiered Approach to Verification, Proceedings of the 1996 IEEE Symposium on Security and Privacy, p.142, May 06-08, 1996
	12	Simson Garfinkel , Gene Spafford, Practical Unix and Internet security (2nd ed.), O'Reilly & Associates, Inc., Sebastopol, CA, 1996
	13	J. Jacob. The varieties of refinement. In J. M. Mort.10 and R. C. Shaw, editors, Proceedings of the $th Refinement Workshop, pages 441-455. Springer-Verlag, 1991.
	14	T. Lee. Using mandatory integrity to enforce 'commer\|cM' security. In Proceedings of the Symposium on Security and Privacy, pages 140-146, 1988.
	15	M. Nash and K. Poland. Some conundrtm~ concerning separation of duty. In Proceedings of the 5ymposlum on Security and Privacy, pages 201-207, Oakland, CA, May 1990. IEEE Computer Society Press.
	16	W. Polk. Approximating Clark-Wilson access trlple~ with basic UNIX controls. In Uniz Security Symposium IV, page~ 145-154, 1993.
	17	Ravi S. Sandhu, Lattice-Based Access Control Models, Computer, v.26 n.11, p.9-19, November 1993 [doi>10.1109/2.241422]
	18	W. Shocldey. Implementing the Clark Wilson integrity policy using current technology. In Proceedings of the National Computer Security Conference, pages 29-36, 1988.
	19	J. M. Spivey, The Z notation: a reference manual, Prentice Hall International (UK) Ltd., Hertfordshire, UK, 1992
	20	D. Thomsen and 3. Haigh. A comparison of type enforcement and Unix setuid implementation o~ well-formed transactions. In Computer Security Applications Conference, pages 304-312. IEEE Computer Society Press, 1990,

CITED BY 7

	Simon N. Foley, Conduit cascades and secure synchronization, Proceedings of the 2000 workshop on New security paradigms, p.141-150, September 18-21, 2000, Ballycotton, County Cork, Ireland
	Simon N. Foley , John P. Morrison, Computational paradigms and protection, Proceedings of the 2001 workshop on New security paradigms, September 10-13, 2001, Cloudcroft, New Mexico
	Qihua Wang , Ninghui Li, Direct static enforcement of high-level security policies, Proceedings of the 2nd ACM symposium on Information, computer and communications security, March 20-22, 2007, Singapore
	Naftaly H. Minsky , Victoria Ungureanu, Unified support for heterogeneous security policies in distributed systems, Proceedings of the 7th conference on USENIX Security Symposium, 1998, p.10-10, January 26-29, 1998, San Antonio, Texas
	Ninghui Li , Mahesh V. Tripunitara , Ziad Bizri, On mutually exclusive roles and separation-of-duty, ACM Transactions on Information and System Security (TISSEC), v.10 n.2, p.5-es, May 2007
	Constantin Serban , Naftaly Minsky, Generalized access control of synchronous communication, Proceedings of the ACM/IFIP/USENIX 2006 International Conference on Middleware, November 01-01, 2006, Melbourne, Australia
	Benjamin Aziz , Simon N. Foley , John Herbert , Garret Swart, Configuring storage-area networks using mandatory security, Journal of Computer Security, v.17 n.2, p.191-210, April 2009