Computer Security Foundations Workshop VI, 1993. Proceedings

Date: 15-17 June 1993

  • 1993 Computer Security Foundations Workshop VI Proceedings (Cat. No.93TH0561-1)

    Publication Year: 1993
    Freely Available from IEEE
  • Information flow control in a parallel language framework

    Publication Year: 1993, Page(s):39 - 52
    Cited by:  Papers (6)

    A discussion is given on a programming language based approach to information flow control in a system of communicating processes. The approach differs from previous work in that the security level approach to controlling flows is replaced by a mechanism where flows are registered in terms of the set of variable signaling information and that the manner of registering the inter-process information...

  • The concurrency control and recovery problem for multilevel update transactions in MLS systems

    Publication Year: 1993, Page(s):10 - 23
    Cited by:  Papers (2)  |  Patents (1)

    The problem is addressed of a transaction reading and writing data at multiple classification levels in a multilevel secure (MLS) database. The authors refer to such transactions as multilevel update transactions. They show that no scheduler can ensure atomicity of multilevel update transactions in the presence of transaction aborts and at the same time be secure. There are essentially two ways of...

  • A logical formalization of secrecy

    Publication Year: 1993, Page(s):53 - 62

    A formal definition is given of what must be considered as secret in a multilevel computer system. The author's point of view drastically differs from the classical approaches since it advocates that all the information contained in the sequence of high level inputs need not be considered as secret. The approach is based on an extended logic involving epistemic and deontic modal operators. This le...

  • Towards formal analysis of security protocols

    Publication Year: 1993, Page(s):147 - 158
    Cited by:  Papers (22)

    The pioneering and well-known work of M. Burrows, M. Abadi and R. Needham (1989) (the BAN logic), which dominates the area of security protocol analysis, is shown to take an approach which is not fully formal and which consequently permits approval of dangerous protocols. Measures to make the BAN logic formal are then proposed. The formalisation is found to be desirable not only for its potential i...

  • Automated support for external consistency

    Publication Year: 1993, Page(s):71 - 81
    Cited by:  Patents (1)

    Two models are presented of how to achieve an external-consistency objective motivated by the enterprise integrity of D.D. Clark and D.R. Wilson. The authors' notion of external consistency deals with the correctness of both assertions (propositions claimed to be true by their source) and requests (commands, authorizations, and similar sentences intended to change their source's environment). Each mod...

  • Modeling restrictive processes that involve blocking requests

    Publication Year: 1993, Page(s):27 - 38

    A decomposition method is given for showing restrictiveness that supports shared resource handling. The author splits a process into two subprocesses representing the server and client. The client process may request information and block until the information is sent. The server process will provide information when requested. This kind of method supports a natural way of expressing models using ...

  • On analyzing the bus-contention channel under fuzzy time

    Publication Year: 1993, Page(s):3 - 9
    Cited by:  Papers (1)

    The bus-contention channel is a covert channel that can be exploited at a rate exceeding 1000 bits per second. Fuzzy time is a countermeasure first described by Wei-Ming Hu (1991). To assess the effectiveness of fuzzy time, it is desirable to have an information-theoretic capacity analysis of the bus-contention channel under fuzzy time. The author points out that the capacity of this channel depen...

  • Abstract machines for communication security

    Publication Year: 1993, Page(s):137 - 146
    Cited by:  Papers (6)  |  Patents (2)

    An existing formal software development method called B is used to build and verify specifications of a communication channel, cryptographic functions and security properties. The authors show by example how these basic specifications may be combined in order to write abstract specifications of cryptographic protocols and to verify their security.

  • A lattice of information

    Publication Year: 1993, Page(s):65 - 70
    Cited by:  Papers (9)

    A framework is given for describing information and information flow. The authors show that information can be represented as a lattice. They motivate the idea that this framework is applicable for demonstrating security properties of systems. In particular, they show the relationship between the lattice representing information and the unwinding theorem. They also demonstrate the relationship bet...

  • Variations on the themes of message freshness and replay-or the difficulty in devising formal methods to analyze cryptographic protocols

    Publication Year: 1993, Page(s):131 - 136
    Cited by:  Papers (15)  |  Patents (6)

    A survey is given of the variations on the choice and the usage of freshness identifiers, and the various forms of replay attack. Besides helping to clarify the important concepts of freshness and replay, this exercise demonstrates the potential complexity in devising formal methods to analyze cryptographic protocols.

  • An introduction to the mathematics of trust in security protocols

    Publication Year: 1993, Page(s):121 - 127
    Cited by:  Papers (2)

    One of the most important functions performed by security protocols is to transfer trust from where it exists to where it is needed. As a result, all protocols enforce a set of restrictions as to who may exercise them, either spelled out explicitly or left implicit in the protocol specification. In addition, there may be unanticipated (even unacceptable) groupings of participants who can also exerci...

  • On testing for absence of rights in access control models

    Publication Year: 1993, Page(s):109 - 118
    Cited by:  Papers (6)

    The well-known access control model formalized by M.H. Harrison, W.C. Ruzzo, and J.D. Ullman (HRU) (1976) does not allow testing for absence of access rights in its commands. R.S. Sandhu's Typed Access Matrix (TAM) model (1992), which introduces strong typing into the HRU model, continues this tradition. P.E. Ammann and R.S. Sandhu (1992) have proposed an extension of TAM called augmented TAM (ATAM)...

  • A Petri net representation of the Take-Grant model

    Publication Year: 1993, Page(s):99 - 108
    Cited by:  Papers (1)

    The Take-Grant model is formalised with a Petri net notation. It is shown that this approach offers a convenient way to deal with the problem of determining the cooperation required to share or steal rights. An algorithm is proposed that finds all rights that a subject can steal with the help of a given set of conspirators. With the Petri net abstraction, the problem can be solved in linear time. ...
