ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Digital Library logoTake a look at the new version of this page: [ beta version ]. Tell us what you think.
An integrated framework for security and dependability
Full text PdfPdf (666 KB)
Source New Security Paradigms Workshop archive
Proceedings of the 1998 workshop on New security paradigms table of contents
Charlottesville, Virginia, United States
Pages: 22 - 29  
Year of Publication: 1998
ISBN:1-58113-168-2
Author
Erland Jonsson  Department of Computer Engineering, Chalmers University of Technology, SE-412 96 Goteborg, Sweden
Sponsor
SIGSAC: ACM Special Interest Group on Security, Audit, and Control
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 2,   Downloads (12 Months): 61,   Citation Count: 4
Additional Information:

references   cited by   index terms   collaborative colleagues  

Tools and Actions: Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/310889.310903
What is a DOI?

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

1
Jim Alves-Foss , Salvador Barbosa, Assessing computer security vulnerability, ACM SIGOPS Operating Systems Review, v.29 n.3, p.3-13, July 1995  [doi>10.1145/206826.206829]
 
2
Jean Arlat , Karama Kanoun , Jean-Claude Laprie, Dependability Modeling and Evaluation of Software Fault-Tolerant Systems, IEEE Transactions on Computers, v.39 n.4, p.504-513, April 1990  [doi>10.1109/12.54843]
 
3
D. Bell, L. LaPadula, "Secure Computer Systems: Mathematical Foundations and Model", MITRE Report MTR 2547, Vol. 2, Nov. 1973.
 
4
K.J. Biba, "Integrity Considerations for Secure Computer Systems", Technical Report No. ESD-TR-76-372, Electronic Systems Division, US Air Force, Hanscom Field, Bedford, MA, 1977.
 
5
S. Brocklehurst, B. Littlewood, T. Olovsson, E. Jonsson: "On Measurement of Operational Security", in Proceedings of the Ninth Annual IEEE Conference on Computer Assurance, COMPASS'94, Gaithersburg, Maryland, USA, June 29-July 1, pp. 257-266. 1994.
 
6
A. Burns , J. McDermid , J. Dobson, On the meaning of safety and security, The Computer Journal, v.35 n.1, p.3-15, 1992  [doi>10.1093/comjnl/35.1.3]
 
7
Silvana Castano , Maria Grazia Fugini , Giancarlo Martella , Pierangela Samarati, Database security, ACM Press/Addison-Wesley Publishing Co., New York, NY, 1995
 
8
Canadian Trusted Computer Product Evaluation Criteria, Version 3.0e, Canadian System Security center, Communications Security Establishment Government of Canada, 1993.
 
9
M. Dacier: Vers une evaluation quantitative de la securite informatique, Doctoral thesis, LAAS Report No 94488, LAAS/CNRS, Toulouse, December 1994. (In French).
 
10
J. da Silva Fraga, D. Powell, "A Fault- and Intrusion- Tolerant File System", Proc. of the 3rd International Conference on Computer Security, IFIP/SEC '85, Dublin, Ireland, Aug. 1985. pp. 203-218.
 
11
C. J. Date, An introduction to database systems: vol. 1 (5th ed.), Addison-Wesley Longman Publishing Co., Inc., Boston, MA, 1990
 
12
D. E. Denning: "Secure Databases and Safety: Some unexpected conflicts," pp. 101-111 in T. Anderson (editor): Safe & Secure Computing Systems, Blackwell Scientific Publications, ISBN 0-632-01819-4, 1989.
13
Dorothy E. Denning, A new paradigm for trusted systems, Proceedings on the 1992-1993 workshop on New security paradigms, p.36-41, August 1993, Little Compton, Rhode Island, United States  [doi>10.1145/283751.283772]
 
14
Y. Deswarte, L. Blain, J-C. Fabre, "Intrusion Tolerance in Distributed Computer Systems", IEEE Symposium on Security and Privacy, IEEE Computer Society Press, 1991. pp. 110-121.
 
15
J. Dobson, J. McDermid, B. Randell: "On the Trustworthiness of Computer Systems", ESPRIT/BRA Project 3092 Technical Report Series No. 14, 1990.
 
16
Federal Criteria for Information Security Technology, Draft, National Institute of Standards and technology (NIST) and National Security Agency (NSA), 1992.
 
17
G. Graham, P. Denning, "Protection - Principles and Practice", Proc. 1972 AFIPS Spring Joint Computer Conference, AFIPS Press. pp. 417-429.
 
18
Ulf Gustafson , Erland Jonsson , Tomas Olovsson, On the modelling of preventive security based on a PC network intrusion experiment, Proceedings of the First Australasian Conference on Information Security and Privacy, p.242-252, June 24-26, 1996
 
19
D. Heimann, N. Mittal, K. Trivedi, "Dependability Modeling for Computer Systems" in Proc. of the Annual Reliability and Maintainability Symposium, 1991. pp. 120-127.
 
20
International Standards Organization: Information Processing Systems - Open Systems Interconnection - Basic Reference Model, part 2: Security Architecture 7498/2.
 
21
Information Technology Security Evaluation Criteria (ITSEC), Provisional Harmonized Criteria, December 1993. ISBN 92-826-7024-4.
 
22
Japanese Computer Security Evaluation Criteria - Functionality Requirements, Draft version 1.0, Ministry of International Trade and Industry (MITI), 1992.
 
23
E. Jonsson, T. Olovsson, "On the Integration of Security and Dependability in Computer Systems", iASTED International Conference on Reliability, Quality Control and Risk Assessment, Washington, Nov. 4-6, 1992. ISBN 0-88986-171-4, pp. 93-97.
 
24
E. Jonsson, "A Unified Approach to Dependability Impairments in Computer Systems", IASTED International Conference on Reliability, Quality Control and Risk Assessment, Cambridge, MA, Oct. 18-20 1993, ISBN 0-88986-181-1, pp. 173-178.
 
25
E. Jonsson, M. Andersson, S. Asmussen, "A Practical Dependability Measure for Degradable Computer Systems with Non-exponential Degradation", Proceedings of the IFAC Symposium on Fault Detection, Supervision and Safety for Technical Processes, SAFEPRO- CESS'94, Espoo, Finland, vol. 2, June 13-15, 1994. pp. 227-233.
 
26
Erland Jonsson , Mikael Andersson, On the quantitative assessment of behavioural security, Proceedings of the First Australasian Conference on Information Security and Privacy, p.228-241, June 24-26, 1996
 
27
Erland Jonsson , Tomas Olovsson, A Quantitative Model of the Security Intrusion Process Based on Attacker Behavior, IEEE Transactions on Software Engineering, v.23 n.4, p.235-245, April 1997  [doi>10.1109/32.588541]
 
28
M.K. Joseph: "Integration Problems in Fault-Tolerant, Secure Computer Design," pp. 347-364 in A.Avizienis. J.C. Laprie (editors): Dependable Computing for Critical Applications, Springer-Verlag, N.Y., ISBN 3-211- 82249-6, 1991.
 
29
J. M. Juran, "Juran's Quality Control Handbook" 4th ed., McGraw-Hill, N.Y., 1988. ISBN 0-07-033176-6. pp. 2.8ff.
30
Butler W. Lampson, Protection, ACM SIGOPS Operating Systems Review, v.8 n.1, p.18-24, January 1974  [doi>10.1145/775265.775268]
31
Carl E. Landwehr, Formal Models for Computer Security, ACM Computing Surveys (CSUR), v.13 n.3, p.247-278, Sept. 1981  [doi>10.1145/356850.356852]
 
32
J. C. Laprie, A. Costes: "Dependability: A unifying concept for reliable computing", in Proc. 12th IEEE International Symposium on Fault-Tolerant Computing (FTCS-12), June 1982, pp 18-21.
 
33
J.C. C. Laprie , A. Avizienis , H. Kopetz, Dependability: Basic Concepts and Terminology, Springer-Verlag New York, Inc., Secaucus, NJ, 1992
 
34
B. Littlewood, S. Brocklehurst, N.E. Fenton, P. Mellor, S. Page, D. Wright, J.E. Dobson, J.A. McDermid and D. Gollmann, "Towards Operational Measures of Computer Security", Journal of Computer Security, vol. 2, no. 3. 1994.
 
35
J. McDermid, "On Dependability, Its Measurement and Its Management", in High Integrity Systems, Vol. 1, No. 1, 1994, Oxford University Press, pp. 17-26.
 
36
Sead Muftic, Security mechanisms for computer networks, Halsted Press, New York, NY, 1989
 
37
Peter G Neumann: "Computer system security evaluation", in 1978 National Computer Conference, AFIPS Conf. Proceedings 47, Arlington, VA, pp 1087-1095.
 
38
National Institute of Standards and Technology: Glossary of Computer Security Terms, NSC-TG-O04 version. 1, ("Aqua Book"), Oct. 21, 1988.
 
39
Glenford J. Myers, Art of Software Testing, John Wiley & Sons, Inc., New York, NY, 1979
 
40
T. Olovsson, E. Jonsson, S. Brocklehurst, B. Littlewood: "Data Collection for Security Fault Forecasting: Pilot Experiment", Technical Report No 167, Department of Computer Engineering, Chalmers University of Technology, 1992 and ESPRIT/BRA Project No 6362 (PDCS2) First Year Report, Toulouse Sept. 1993, pp 515-540.
 
41
T. Olovsson, E. Jonsson, S. Brocklehurst, B. Littlewood: "Towards Operational Measures of Computer Security: Experimentation and Modelling", Technical Report No 236, Department of Computer Engineering, Chalmers University of Technology, 1995 and in B. Randell et al. (editors.): Predictably Dependable Computing Systems, ESPRIT Basic Research Series, Springer Verlag, 1995, ISBN 3-540-59334-9, pp 555- 572.
 
42
G. Rubino, B. Sericola, "Successive Operational Periods as Measures of Dependability" in Dependable Computing for Critical Applications (editors A. Avizieniz et al.), Springer Verlag, ISBN 3-211-82249-6, 1991, pp. 239-254.
 
43
Ravi S. Sandhu, The Typed Access Matrix Model, Proceedings of the 1992 IEEE Symposium on Security and Privacy, p.122, May 04-06, 1992
 
44
B. C. Soh, T. S. Dillon," System Intrusion Detection: Model, Design and Analysis", Pacific Rim International Symposium on Fault-Tolerant Computing, Dec. 16-17, 1993, (PRFTS' 93), Melbourne, Australia, CRT Publishing Ltd, London. pp. 85-90.
 
45
D.E Sterne, "On the Buzzword Security Policy", IEEE Symposium on Security & Privacy, 1991, pp. 219 - 230.
 
46
Trusted Computer System Evaluation Criteria ("orange book"), National Computer Security Center, Department of Defense, No DOD 5200.28.STD, 1985.

CITED BY  4
Erland Jonsson , Lars Strömberg , Stefan Lindskog, On the functional relation between security and dependability impairments, Proceedings of the 1999 workshop on New security paradigms, p.104-111, September 22-24, 1999, Caledon Hills, Ontario, Canada
Brian Whitworth , Jerry Fjermestad , Edward Mahinda, The web of system performance, Communications of the ACM, v.49 n.5, p.92-99, May 2006
Marco D. Aime , Andrea Atzeni , Paolo C. Pomi, AMBRA: automated model-based risk analysis, Proceedings of the 2007 ACM workshop on Quality of protection, October 29-29, 2007, Alexandria, Virginia, USA
Klaus Julisch, Security compliance: the next frontier in security research, Proceedings of the 2008 workshop on New security paradigms, September 22-25, 2008, Lake Tahoe, California, USA

INDEX TERMS

Primary Classification:
  K. Computing Milieux
  K.6 MANAGEMENT OF COMPUTING AND INFORMATION SYSTEMS

Additional Classification:
  K. Computing Milieux
  K.6 MANAGEMENT OF COMPUTING AND INFORMATION SYSTEMS
      K.6.4 System Management
          Subjects: Quality assurance


General Terms:
Reliability, Security


Keywords:
computer security, concepts, confidentiality, dependability, measure, modellings

Collaborative Colleagues:
Erland Jonsson: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2010 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player