A security model for military message systems

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

A security model for military message systems

Full text

Pdf (1.76 MB)

Source

ACM Transactions on Computer Systems (TOCS) archive
Volume 2 , Issue 3 (August 1984) table of contents

Pages: 198 - 222

Year of Publication: 1984

ISSN:0734-2071

Authors

Carl E. Landwehr	Naval Research Laboratory
Constance L. Heitmeyer	Naval Research Laboratory
John McLean	Naval Research Laboratory

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 14, Downloads (12 Months): 64, Citation Count: 17

Additional Information:

references cited by index terms review collaborative colleagues

Tools and Actions:	Request Permissions Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/989.991 What is a DOI?

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	AMES, S.R., JR., AND OESTREICHER, D.R. Design of a message processing system for a multilevel secure environment. In Proceedings of the AFIPS 1978 National Computer Conference (June 5-8), Vol. 47. AFIPS Press, Reston, Va., 765-771.
	2	Air Force Studies Board. Multilevel Data Management Security. Commission on Engineering and Technical Systems, National Research Council, National Academy Press, Washington, D.C., 1983.
	3	BELL, D.E. Secure computer systems: A refinement of the mathematical model. MTR-2547, Vol. Ill, MITRE Corp., Bedford, Mass., Apr. 1974, 30-31. Available as NTIS AD 780 528.
	4	BELL, D.E., AND LAPADULA, L.J. Secure computer system: Unified exposition and Multics interpretation. MTR-2997, MITRE Corp., Bedford, Mass., Mar 1976. Available as NTIS ADA 023 588.
	5	BmA, K.J. Integrity considerations for secure computer systems. ESD-TR-76-372, ESD/AFSC. Hanscom AFB, Bedford, MA, Apr. 1977 (available as MITRE MTR-3153, NTIS AD A039324).
	6	Ellis Choen, Information transmission in computational systems, Proceedings of the sixth ACM symposium on Operating systems principles, p.133-139, November 16-18, 1977, West Lafayette, Indiana, United States
	7	Dorothy E. Denning, A lattice model of secure information flow, Communications of the ACM, v.19 n.5, p.236-243, May 1976 [doi>10.1145/360051.360056]
	8	R. J. Feiertag , K. N. Levitt , L. Robinson, Proving multilevel security of a system design, Proceedings of the sixth ACM symposium on Operating systems principles, p.57-65, November 16-18, 1977, West Lafayette, Indiana, United States
	9	FORSDICK, H.C., AND THOMAS, R.H. The design of a Diamond--A distributed multimedia document system. BBN Rep. 5204, Bolt, Beranek, and Newman, Cambridge, Mass., Oct. 1982.
	10	HEITMEYER, C.L., AND WILSON, S.H. Military message systems: Current status and future directions. IEEE Trans. Commun., COM-28, 9, (Sept. 1980), 1645-1654.
	11	C. Heitmeyer , C. Landwehr , M. Cornwell, The use of quick prototypes in the secure military message systems project, ACM SIGSOFT Software Engineering Notes, v.7 n.5, p.85-87, December 1982
	12	Constance L. Heitmeyer , Carl E. Landwehr, Designing secure message systems: the military message systems (MMS) project, Proc. of the IFIP WG 6.5 working conference on Computer-based message services, p.247-257, November 1984, Nottingham, United Kingdom
	13	LANDWEHR, C.E. Assertions for verification of multilevel secure military message systems. ACM SIGSOFT Softw. Eng. Notes 5, 3 (July 1980), 46-47.
	14	Carl E. Landwehr, Formal Models for Computer Security, ACM Computing Surveys (CSUR), v.13 n.3, p.247-278, Sept. 1981 [doi>10.1145/356850.356852]
	15	LANDWEHR, C.E. What security levels are for and why integrity levels are unnecessary. NRL Tech. Memo 7590-308:CL:uni, Naval Research Laboratory, Washington, D.C., Feb. 1982.
	16	LAND WEHR, C. E., AND HEITMEYER, C.L. Military message systems: Requirements and security model. NRL Memo. Rep. 4925, Naval Research Laboratory, Washington, D.C., Sept. 1982. Available as NTIS ADA 119 960.
	17	MCCAULEY, E.J., AND P.J. DRONGOWSKI. KSOS--The design of a secure operating system. In Proceedings of the AFIPS 1979 National Computer Conference (June 4-7), Vol. 48. AFIPS Press, Reston, Va., 345-353.
	18	John McLean, A comment on the `basic security theorem' of Bell and LaPadula, Information Processing Letters, v.20 n.2, p.67-70, Feb. 1985 [doi>10.1016/0020-0190(85)90065-1]
	19	MOOERS, C.D. The HERMES guide. BBN Rep. 4995, Bolt, Beranek, and Newman, Cambridge, Mass., Aug. 1982.
	20	Gerald J. Popek , David A. Farber, A model for verification of data security in operating systems, Communications of the ACM, v.21 n.9, p.737-749, Sept. 1978 [doi>10.1145/359588.359597]
	21	ROTHENBERG, J. SIGMA message service: Reference manual, Version 2.3, Rep. ISI/TM-78- 11.2, USC/Inform. Sci. Inst., Marina del Rey, Calif., June 1979. Available as NTISADA 072 840.
	22	STOTZ, R., TUGENDER, R., AND WILCZYNSKI, D. SIGMA--An interactive message seryice for the military message experiment. In Proceedings of the AFIPS 1979 National Computer Confer- ' ence, (June 4-7, 1979), Vol. 48. AFIPS Press, Reston, Va. pp. 855-861.
	23	WILSON, S.H., GOODWlN, N.C., BERSOFF, E.H., AND THOMAS, N.M., III. Military message experiment--Vol. I executive summary. NRL Rep. 4454, Naval Research Laboratory, Washington, D.C., Mar. 1982. Available as NTIS ADA 112 789.
	24	WOODWARD, J. P.L. Applications for multilevel secure operating systems. In Proceedings of the AFIPS 1979 National Computer Conference (June 4-7), Vol. 48. AFIPS Press, Reston, Va. 1979, pp. 319-328.

CITED BY 17

	Glenn S. Benson , Ian F. Akyildiz , William F. Appelbe, A formal protection model of security in centralized, parallel, and distributed systems, ACM Transactions on Computer Systems (TOCS), v.8 n.3, p.183-213, Aug. 1990
	Steven J. Greenwald, Discussion topic: what is the old security paradigm?, Proceedings of the 1998 workshop on New security paradigms, p.107-118, September 22-26, 1998, Charlottesville, Virginia, United States
	D Estrin, Inter-organization networks: implications of access control: requirements for interconnection protocol, ACM SIGCOMM Computer Communication Review, v.16 n.3, p.254-264, Aug. 5, 1986
	José de J. Vázquez-Gómez, Modelling multidomain security, Proceedings on the 1992-1993 workshop on New security paradigms, p.167-174, August 1993, Little Compton, Rhode Island, United States
	Leonard J. LaPadula, Prospect on security paradigms, Proceedings on the 1992-1993 workshop on New security paradigms, p.62-68, August 1993, Little Compton, Rhode Island, United States
	Steven J. Greenwald, A new security policy for distributed resource management and access control, Proceedings of the 1996 workshop on New security paradigms, p.74-86, September 17-20, 1996, Lake Arrowhead, California, United States
	Constance L. Heitmeyer , Ralph D. Jeffords , Bruce G. Labaw, Automated consistency checking of requirements specifications, ACM Transactions on Software Engineering and Methodology (TOSEM), v.5 n.3, p.231-261, July 1996
	Donald Mackenzie , Garrel Pottinger, Mathematics, Technology, and Trust: Formal Verification, Computer Security, and the U.S. Military, IEEE Annals of the History of Computing, v.19 n.3, p.41-59, July 1997
	Wen-Pai Lu , Malur K. Sundareshan, A Model for Multilevel Security in Computer Networks, IEEE Transactions on Software Engineering, v.16 n.6, p.647-659, June 1990
	John McLean, The Specification and Modeling of Computer Security, Computer, v.23 n.1, p.9-16, January 1990
	Carl E. Landwehr, Some lessons from formalizing a security model, ACM SIGSOFT Software Engineering Notes, v.10 n.4, August 1985
	Yanhong A. Liu , Chen Wang , Michael Gorbovitski , Tom Rothamel , Yongxi Cheng , Yingchao Zhao , Jing Zhang, Core role-based access control: efficient implementations by transformations, Proceedings of the 2006 ACM SIGPLAN symposium on Partial evaluation and semantics-based program manipulation, January 09-10, 2006, Charleston, South Carolina
	Constance Heitmeyer, Developing safety-critical systems: the role of formal methods and tools, Proceedings of the 10th Australian workshop on Safety critical systems and software, p.95-99, August 25, 2005, Sydney, Australia
	Constance L. Heitmeyer , Myla Archer , Elizabeth I. Leonard , John McLean, Formal specification and verification of data separation in a separation kernel for an embedded system, Proceedings of the 13th ACM conference on Computer and communications security, October 30-November 03, 2006, Alexandria, Virginia, USA
	Jeffrey Choi Robinson , Jim Alves-Foss, A high assurance MLS file server, ACM SIGOPS Operating Systems Review, v.41 n.1, January 2007
	Lee Badger , Daniel F. Sterne , David L. Sherman , Kenneth M. Walker , Sheila A. Haghighat, A domain and type enforcement UNIX prototype, Proceedings of the 5th conference on USENIX UNIX Security Symposium, p.12-12, June 05-07, 1995, Salt Lake City, Utah
	Dijiang Huang , Deep Medhi, A secure group key management scheme for hierarchical mobile ad hoc networks, Ad Hoc Networks, v.6 n.4, p.560-577, June, 2008

INDEX TERMS

Classification:
C. Computer Systems Organization
C.2 COMPUTER-COMMUNICATION NETWORKS
C.2.0 General
Subjects: Security and protection (e.g., firewalls)

D. Software
D.4 OPERATING SYSTEMS
D.4.4 Communications Management
Subjects: Message sending

I. Computing Methodologies
I.6 SIMULATION AND MODELING

J. Computer Applications
J.7 COMPUTERS IN OTHER SYSTEMS
Subjects: Military

General Terms:
Algorithms, Design, Experimentation, Human Factors, Measurement, Performance, Security, Verification

Keywords:
confinement, message systems, storage channels

REVIEW

"Steven B. Lipner : Reviewer"

The design and selection of security models has assumed the status of a “hot topic” during the last few years. The Department of Defense has developed a set of evaluation criteria [1] for Trusted Computing Bases, or TCBs (roughly, se more...

Collaborative Colleagues:

Carl E. Landwehr: colleagues

Constance L. Heitmeyer: colleagues

John McLean: colleagues

Adobe Acrobat

QuickTime

Windows Media Player

Real Player