[Proceedings 1988] Fourth Aerospace Computer Security Applications

12-16 Sept. 1988

  • Fourth Aerospace Computer Security Applications Conference (IEEE Cat. No.CH2619-5)

    Publication Year: 1988
    Freely Available from IEEE
  • Providing software integrity using type managers

    Publication Year: 1988, Page(s):287 - 294
    Cited by:  Patents (2)

    The authors consider the protection of software development objects, including design specifications, program text, executables, test results and documentation, from both accidental and malicious modifications. An integrity policy based on the authors' interpretation of the D. Clark and D. Wilson (1987) model is defined and mechanisms to enforce the policy are described. Emphasis is on software me...
  • Transaction control expressions for separation of duties

    Publication Year: 1988, Page(s):282 - 286
    Cited by:  Papers (53)  |  Patents (3)

    The author describes a model and notation for specifying and enforcing aspects of integrity policies, particularly separation of duties. The key idea is to associate a transaction control expression with each information object. The transaction control expression constrains the pattern in which transactions can be executed on an object. As operations are actually executed the transaction control e...
  • Characterizing network covert storage channels

    Publication Year: 1988, Page(s):275 - 279
    Cited by:  Papers (2)

    A novel characterization is presented for covert channels in stand-alone systems. This characterization is used to examine the nature of covert channels in computer networks. Most network covert channels are shown to reduce to covert channels in stand-alone systems. The remaining identified network covert channels are identified to be examples of a more general Trojan horse leakage problem. The sea...
  • A description of a formal verification and validation (FVV) process

    Publication Year: 1988, Page(s):401 - 408

    The Department of Defense Trusted Computer System Evaluation Criteria (TCSEC) establishes a requirement for formal verification activities of a TCB (trusted computer base) designed for mandatory or verified protection. The goal of formal verification is to prove that the design specification of a system is consistent with its security policy. The authors elaborate the principles of the formal veri...
  • Telling the goodguys: disseminating information on security holes

    Publication Year: 1988, Page(s):216 - 218
    Cited by:  Papers (1)  |  Patents (1)

    The author discusses what should be done by a software vendor when the product has a security flaw. One alternative, which the author discounts, is to hide the problem and hope it will not be discovered. The alternative, favored by the author, is to widely publicize the patch, hoping that `badguys' will not reverse engineer it to discover the hole. Several variations are proposed, including distri...
  • System security in the Space Flight Operations Center

    Publication Year: 1988, Page(s):426 - 430

    The Space Flight Operations Center is a networked system of workstation-class computers that will provide ground support for NASA's (US National Aeronautics and Space Administration's) next generation of deep-space missions. The author recounts the development of the SFOC system security policy and discusses the various management and technology issues involved. Particular attention is given to ri...
  • The cascading problem for interconnected networks

    Publication Year: 1988, Page(s):269 - 274
    Cited by:  Papers (8)  |  Patents (1)

    One potential problem that must be faced when using the interconnected accredited system approach of the trusted network interpretation is cascading. The authors introduce some proofs showing that a simple nesting condition is sufficient and sometimes necessary to prevent cascading. They give a Prolog program that finds all cascading paths.
  • Denial of service flaws in SDI software-an initial assessment

    Publication Year: 1988, Page(s):22 - 29
    Cited by:  Patents (2)

    The author provides a tutorial and survey into the denial-of-service aspect of computer security. Definitions from existing literature are presented, and several categorizations of potential denial-of-service flaws are provided with examples from actual cases. Methods for providing preventive resistance against denial-of-service threats as well as mechanisms for detection and recovery from denial-...
  • Minix security policy model

    Publication Year: 1988, Page(s):393 - 399

    The author describes how the Bell-La Padula model might be applied to the current, unrated Minix operating system. Also discussed are security issues pertaining to inherited accesses and the method used to characterize the Minix file permissions in terms of the more general access matrix model.
  • Retrofitting and developing applications for a trusted computing base

    Publication Year: 1988, Page(s):212 - 215
    Cited by:  Papers (2)

    The authors discuss the concept of a software analysis procedure to aid in the conversion of existing applications and in the development of applications for use with a trusted computing base (TCB). In this procedure, the system processes are broken down into small entities that permit detailed analysis to ensure that the trusted processes will be at the absolute minimum. The use of this analysis ...
  • Inference controls for frequency count tables: an update

    Publication Year: 1988, Page(s):112 - 117

    A synopsis of mathematical problems and results that have been obtained in establishing effective inference controls for frequency-count tables is presented. This brings up to date a related article by L.H. Cox (see CIPHER, p.4-14, 1986). Particular attention is given to inference controls for two-way frequency count tables and generalization for sets of tables and higher dimensions.
  • A model for secure distributed computations in a heterogeneous environment

    Publication Year: 1988, Page(s):233 - 241
    Cited by:  Papers (2)  |  Patents (15)

    The author presents a model for secure distributed computations in a multilevel security, heterogeneous environment, called the multimember session model. This model does not place any restrictions on the computations using it, nor does it require any modification of security policies of local secure operating systems. It provides isolation between unrelated computations, and it ensures that the i...
  • Identifying and representing the security semantics of an application

    Publication Year: 1988, Page(s):125 - 130
    Cited by:  Papers (9)

    The author approaches database security from the semantic level. He identifies the need to classify outputs from multilevel secure database systems at a level which accurately reflects the contents. Specifically, he addresses the question of what really makes information classified, that is, the security semantics of an application. A multidimensional taxonomy of generic secrecy constraints is pre...
  • Structuring trust in a large general purpose operating system

    Publication Year: 1988, Page(s):152 - 158

    A description is given of the approach taken by ICL to ameliorate the problem of evaluating the security of a large operating system in which the number of TCB (trusted computing base) and trusted process code procedures is large enough to make exhaustive detailed scrutinization more than exhausting. The approach is applicable to any structured large general-purpose system that enables a conventio...
  • A taxonomy of the causes of proof failures in applications using the HDM methodology

    Publication Year: 1988, Page(s):419 - 423

    A methodology for formal verification and validation based on HDM (Hierarchical Development Methodology) is described. The HDM formula generator and theorem prover is used to perform data flow analysis on the system specification. In applying this methodology, the author discovered that although there may be a large number of individual proof failures, there were always only a small number of dist...
  • Design and implementation of a secure terminal gateway

    Publication Year: 1988, Page(s):262 - 268
    Cited by:  Papers (1)  |  Patents (2)

    The authors address some of the issues involved in developing applications to run in a multilevel secure security kernel. They detail their experience working with Gemini Computers Inc. machines, including their implementation of a secure terminal gateway (STG). They discuss some of the restrictions inherent in writing applications for secure computers, and how they designed the STG to best arrive...
  • Privacy enhanced electronic mail

    Publication Year: 1988, Page(s):16 - 21
    Cited by:  Papers (2)

    The progress of work at University College of London in implementing a prototype model of a privacy-enhanced messaging (PEM) system is reported. The design of the model is specified by the DARPANET IAB Privacy Task Force RFC 1040. The model is one which provides privacy, integrity, and authentication of messages transmitted in a typical electronic-mail system. The design and implementation experience ...
  • Exploring computer viruses

    Publication Year: 1988
    Cited by:  Papers (2)  |  Patents (3)

    The author presents some thoughts on viruses and explores the anatomy of a sample computer virus. He details, using C language programs, some of the fundamental parts associated with viruses and how these viruses can be detected. It is concluded that the final decision for virus control rests with risk management. It is suggested that, at the very least, contingency plans for virus recovery along ...
  • Producing secure digital information systems

    Publication Year: 1988, Page(s):180 - 122

    The security of a digital information system is determined by the process that produces the system. Thus, it is argued that the system production process is the central issue in achieving secure systems. A rigorous approach to digital system engineering is described which is based on a mathematical function that accurately and completely describes the physical behavior of the digital device in que...
  • Security modeling in the Ulysses environment

    Publication Year: 1988, Page(s):386 - 392

    The authors give an overview of how the Ulysses system can be used for security modeling. The default theory of security permits the security analysis of complex designs by decomposing them into their parts. System specifications may be made by using a specialized graphical language interface and a textual interface. In addition, there are a number of support tools which aid the modeler. One of th...
  • Using CASE tools to improve the security of applications systems

    Publication Year: 1988, Page(s):205 - 208
    Cited by:  Papers (1)

    The authors overview CASE (computer-aided software engineering) tools and review security extensions to the system development life cycle. They then focus on requirements analysis to illustrate how security can be included in a CASE environment by adding tools or extending existing ones. These tools can help identify, store, analyze, report, track, and validate requirements.
  • Maintaining correctness, availability, and unambiguity in trusted database management systems

    Publication Year: 1988, Page(s):106 - 110
    Cited by:  Patents (1)

    The various kinds of threats to integrity and security that arise in multilevel secure database systems are examined. The authors consider the various kinds of integrity constraints on a database and describe the conflicts between security and the various general integrity properties. They then consider an example of a trusted DBMS (database management system), in the spirit of R. Burns' `homework...
  • Integrity controls for military and commercial applications

    Publication Year: 1988, Page(s):298 - 322
    Cited by:  Papers (4)  |  Patents (2)

    Because it is generally not possible to prevent the destruction or alteration of data when objects are stored or transmitted outside the security perimeter of a TCB (trusted computer base), the emphasis is placed on detecting any illicit data, including the results of computer viruses and Trojan Horse programs, using cryptographic checksums and digital signature techniques. It is concluded that a ...
  • Encryption using random keys-a scheme for secure communications

    Publication Year: 1988, Page(s):410 - 412
    Cited by:  Patents (3)

    An encryption scheme using a random key generator with memory is presented. This system generates a random sequence of encryption/decryption keys. A feedback mechanism is used to endow the key generator with memory, thereby making it difficult to infer the random key sequence from a partial sequence of keys. The random key sequence is independent of the encrypting algorithm and is particularly sui...