By Topic

Computer Security Applications Conference, 1989., Fifth Annual

Date 4-8 Dec. 1989

Filter Results

Displaying Results 1 - 25 of 62
  • Fifth Annual Computer Security Applications Conference (Cat. No.89TH0287-3)

    Publication Year: 1989
    Request permission for commercial reuse | PDF file iconPDF (104 KB)
    Freely Available from IEEE
  • Secure automated document delivery

    Publication Year: 1989, Page(s):348 - 356
    Cited by:  Papers (1)  |  Patents (3)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (436 KB)

    A model for secure delivery of documents is proposed, and a prototype system based on earlier work on secure electronic mail and automated document delivery systems is described. In the proposed architecture, security protection is provided for both document requests and the actual documents delivered. Electronic mail protocols are used for document requests and delivery, although file transfer pr... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Designing a trusted client-server distributed network

    Publication Year: 1989, Page(s):91 - 94
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (188 KB)

    The client-server distributed network model was analyzed from a security perspective, and an expanded client-server model which includes security-relevant properties was developed. A network-oriented security policy was produced as the next step in developing a trusted client-server network. The various services provided on the distributed network map into NTCB partitions, producing an easily spec... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Use of privacy-enhanced mail for software distribution

    Publication Year: 1989, Page(s):344 - 347
    Cited by:  Patents (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (260 KB)

    There is currently only limited assurance that software electronically downloaded from a central source is a faithful copy of the original software. Current Internet standards for privacy enhancement of electronic mail can also be employed to protect electronic distribution of software. The standards offer disclosure protection, source (sender) authentication, and message integrity services. Howev... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Development of a multi level data generation application for GEMSOS

    Publication Year: 1989, Page(s):86 - 90
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (280 KB)

    The Gemini computer, which uses the Gemini Multiprocessing Secure Operating System (GEMSOS), is one of only a handful of computers which are designed to meet A1 level requirements. Martin Marietta's approach to using the Gemini computer as a process, device, and memory manager is discussed. An example application which was developed in 25 man-days with 125 lines of trusted code is presented. The e... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • The trusted server approach to multilevel security

    Publication Year: 1989, Page(s):335 - 341
    Cited by:  Papers (1)  |  Patents (3)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (460 KB)

    Suggests the trusted server as a means of injecting multilevel security into applications such as command control and intelligence systems. It presents an example trusted database server and a trusted gateway server. A taxonomy is presented for gateway servers. Finally, the paper argues that the trusted server is a gap filler, in that it can off load much of the security design, maintenance and di... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • End-to-end encryption at the network layer

    Publication Year: 1989
    Cited by:  Patents (2)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (64 KB)

    Both network-layer and transport-layer encryption are permitted by the OSI Security Addendum. The advantages of network-layer encryption are discussed. Secure data network system (SDNS) protocols are described. In the SDNS, SP is a single, simple encryption protocol between end-systems. This protocol has two descriptions, SP3 (network layer) and SP4 (transport layer). Both definitions are OSI comp... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Security audit for embedded avionics systems

    Publication Year: 1989, Page(s):78 - 84
    Cited by:  Papers (1)  |  Patents (2)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (340 KB)

    The design of security audit subsystems for real-time embedded avionics systems is described. The selection criteria of auditable events and the design of the audit functions are described. The data storage requirements and the data compression features of embedded avionics systems are analyzed. Two data compression algorithms applicable to avionics systems are described. Huffman encoding is optim... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Report from the second RADC database security workshop

    Publication Year: 1989, Page(s):310 - 313
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (256 KB)

    The second RADC (Rome Air Development Center) Invitational Database Security Workshop (held May 15-18 in Bethlehem, New Hampshire) focused on multilevel security issues for Class B3 or A1 database systems. The workshop participants discussed operating system support for secure database systems; database system process privilege; mandatory, discretionary, and need-to-know requirements; modeling iss... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Security approach for rapid prototyping in multilevel secure systems

    Publication Year: 1989, Page(s):328 - 334
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (588 KB)

    Use of rapid prototyping to develop Multilevel Secure (MLS) systems requires that security be included in the rapid prototyping process. The literature shows some examples of rapid prototyping applied to secure components. However, little guidance is available for using a rapid prototype to develop an MLS system, consisting of multiple components, that can be accredited in the DOD environment. A m... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Network authentication tokens

    Publication Year: 1989, Page(s):234 - 238
    Cited by:  Patents (4)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (296 KB)

    Network users may be authenticated by different means and from a variety of locations. Once authenticated, the user's access should be consistent with the strength of the authentication. The author examines one possible method for determining the authentication strength and conveying this information within a distributed network. The approach discussed uses a token composed of a unique user ID and... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A security standard for LANs

    Publication Year: 1989
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (60 KB)

    The work of IEEE 802.10, the LAN Security Working Group, in developing the Standard for Interoperable LAN Security (SILS) is described. The areas for security standardization are: a protocol for the secure exchange of data at the data link layer, the management of cryptographic keys at the application layer, and the specification of the network management objects associated with the secure data ex... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Protection of call detail records data in federal telecommunications

    Publication Year: 1989, Page(s):70 - 77
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (400 KB)

    Techniques for protection of the call detail records (CDR) in US federal government telecommunications systems, such as the FTS2000 and agency PABXs, are identified. CDR data flow, its use in telecommunication, and its protection requirements are described. Descriptions of threats and countermeasures are provided. Recommendations for handling and protection of the CDR database are made for the fol... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Architectural support of fine-grained secure computing

    Publication Year: 1989, Page(s):121 - 130
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (584 KB)

    An architecture especially adept at security support is outlined. The architecture's fundamental information unit is a two-tuple, or ordered pair, consisting of a datum word and an associated security tag. As an atomic information unit, the two-tuple moves around through the architecture in unison as processing proceeds. a security subprocessor always operates on a security tag in synchrony with a... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Security model development environment

    Publication Year: 1989, Page(s):299 - 307
    Cited by:  Patents (3)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (788 KB)

    Introduces the Security Model Development Environment (SMDE); a suite of prototype tools for the development of secure systems. The development of the SMDE was performed under contract for the Rome Air Development Center and Strategic Defense Initiative. The SMDE is based on a methodology for the construction and analysis of security models, which supports the model developer via an iterative mode... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A perspective on integrity mechanisms

    Publication Year: 1989
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (72 KB)

    Accepting the common viewpoint that integrity is concerned with information modification rather than information disclosure or information availability, the author considers two views on what nondiscretionary controls are needed for information integrity: (1) Clark and Wilson's view that some separate mechanisms are required for enforcement of integrity policies, disjoint from those of the Orange ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Secure database design: an implementation using a secure DBMS

    Publication Year: 1989
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (64 KB)

    G.W. Smith presented a homework problem at the second annual RADC (Rome Air Development Center) Database Security Workshop and challenged the workshop attendees to provide a prototype database design. In the present work, it is shown that most of the MLS (multilevel secure) design requirements in the homework problem could be implemented on the Sybase Secure SQL Server with no noticeable performan... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Auditing: a relevant contribution to trusted database management systems

    Publication Year: 1989
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (44 KB)

    Summary form only given. An ongoing study of audit issues in the context of trusted database management systems (TDBMSs) is discussed. The study consists of a survey of the state of the art, an analysis of issues raised, and an assessment of future relevant research. The scope of the study is broad, and includes a variety of security policies and TDBMS architectures intended for commercial and def... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Applying the TNI to system certification and accreditation

    Publication Year: 1989, Page(s):248 - 252
    Cited by:  Patents (2)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (400 KB)

    Department of Defense systems that process sensitive (including classified) information must undergo formal technical assessment and approval before they are allowed to operate. The technical assessment and approval processes are called certification and accreditation, respectively. The author presents issues involved in certifying and accrediting networks with respect to the two network views, th... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Assessment of security requirements for sensitive systems

    Publication Year: 1989
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (48 KB)

    Summary form only given. A methodology for using a risk assessment approach to determine security and control requirements for sensitive systems is described. The assessment considers two categories of risk criteria: (1) pervasive risk and (2) specific risk. The final risk measure (or score) is calculated from the overall assessed risk ratings and weight factors assigned to these criteria. The fin... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • ADP security within the Customs Service

    Publication Year: 1989, Page(s):144 - 145
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (116 KB)

    Computer security within the US Customs Service is discussed. The structure and functions of the Office of Data Systems are outlined. Several cases are related that illustrate problems in the AIS (automated information system) security area. They involve customs employees who stole government funds View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Implementing sensitive but unclassified security, today-a workshop proposal

    Publication Year: 1989, Page(s):20 - 24
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (260 KB)

    The status of unclassified systems security in the US and how that status can be changed are discussed. The problem is outlined from the manufacturer's and the user's points of view. The problems of an overwhelmingly large base of installed telecommunications and computer products, of the lack of cost-effective, secure platforms, and of the lack of a systematic security market are addressed. Parti... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Security standards for open systems

    Publication Year: 1989, Page(s):64 - 67
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (32 KB)

    A panel on security standards for open systems is summarized. The topics discussed are ISO/IEC work on OSI (open systems interconnection) security standards, CCITT DAF (framework for the support of distributed applications) security, and ECMA security standards View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Data protection requirements in computer-aided acquisition and logistic support

    Publication Year: 1989, Page(s):12 - 13
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (108 KB)

    The author describes computer-aided acquisition and logistic support (CALS), a Department of Defense (DoD) and industry strategy to enable and accelerate the integration of digital technical information for weapon system acquisition, design, manufacture, and support. CALS will provide for an effective transition from current paper-intensive weapon system life-cycle processes to the efficient use o... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Process execution controls as a mechanism to ensure consistency

    Publication Year: 1989, Page(s):114 - 120
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (444 KB)

    A mechanism for ensuring that the changes to a system and its data occur in a consistent manner is presented. The mechanism, process execution controls, imposes restrictions on the method of access to the data, unlike access controls which impose restrictions upon which users can access the data. This mechanism imposes another layer to the currently existing access control restrictions, but one th... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.