By Topic

A case-study of security policy for manual and automated systems

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
E. H. Sibley ; Dept. of Inf. & Software Syst. Eng., George Mason Univ., Fairfax, VA, USA ; J. B. Michael ; R. S. Sandhu

It is argued that predisposed assumptions in security policy models can leave holes in the security aspects of the information systems that are based on them. In particular, information systems based only on the Bell-LaPadula model (D.E. Bell and L.J. LaPadula, 1976) pose potential problems by allowing new threats to be built in them because the policies are incomplete. A comparison of manual and automated systems is used to demonstrate the derivation of the Bell-LaPadula star-property for automated systems and its analog for manual systems. This exercise aids in producing a policy model based on needs and a perspective on the limitations of classical security policy models

Published in:

Computer Assurance, 1991. COMPASS '91, Systems Integrity, Software Safety and Process Security. Proceedings of the Sixth Annual Conference on

Date of Conference:

24-27 Jun 1991