By Topic

Computer Security Applications Conference, 1993. Proceedings., Ninth Annual

Date 6-10 Dec. 1993

Filter Results

Displaying Results 1 - 25 of 29
  • Proceedings of 9th Annual Computer Security Applications Conference

    Publication Year: 1993
    Request Permissions | PDF file iconPDF (26 KB)  
    Freely Available from IEEE
  • Effects of multilevel security on real-time applications

    Publication Year: 1993 , Page(s): 120 - 129
    Cited by:  Papers (2)
    Request Permissions | Click to expandAbstract | PDF file iconPDF (784 KB)  

    This paper presents a brief overview of a notional airborne application scenario that requires both multilevel security and real-time processing. It was used to guide decisions related to formation of the security policy interpretation, the operating system interface, and the system services design for a multilevel secure real-time distributed operating system (MLS RT DOS) called Secure Alpha. We ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Transmission schedules to prevent traffic analysis

    Publication Year: 1993 , Page(s): 108 - 115
    Cited by:  Papers (6)  |  Patents (8)
    Request Permissions | Click to expandAbstract | PDF file iconPDF (652 KB)  

    We propose scheduling strategies to determine transmission schedules that prevent traffic analysis and the creation of covert channels due to temporal variation in the transmission of packets. In addition to requiring the traffic matrix be neutral we require the transmission schedule be temporally neutral to eliminate that potential coved channel. The static scheduling policy generates temporally ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Improved password mechanisms through expert system technology

    Publication Year: 1993 , Page(s): 272 - 280
    Cited by:  Papers (1)
    Request Permissions | Click to expandAbstract | PDF file iconPDF (684 KB)  

    The successful verification of a user or entity wishing to use a computer based information system, lies at the core of the security of these systems. Although a vast number of different verification techniques have been proposed, password based methods remain the predominant method of choice. For this reason, if is essential that these methods be as effective as possible. The extensive ongoing re... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Security policy in a complex logistics procurement

    Publication Year: 1993 , Page(s): 46 - 53
    Cited by:  Papers (1)
    Request Permissions | Click to expandAbstract | PDF file iconPDF (668 KB)  

    The Royal Air Force Logistics Information Technology System (LITS) is a ten year United Kingdom procurement programme to provide the Royal Air Force with a fully integrated IT system covering its supply and engineering functions. It will hold and process classified information and thus requires an IT security policy. Although a single integrated system, it will service many distinct locations and ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Specification issues of secure systems

    Publication Year: 1993 , Page(s): 36 - 45
    Request Permissions | Click to expandAbstract | PDF file iconPDF (752 KB)  

    This paper discusses the development of an accredited multilevel secure (MLS) system. The author reviews the methods and some problems in producing the Descriptive Top Level Specification (DTLS) and the attendant correspondences to the Formal Security Policy Model. Some of the problems encountered stem from the selection of a traditional but insufficient policy model. This paper identifies specifi... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Operational requirements for multilevel security

    Publication Year: 1993 , Page(s): 30 - 35
    Cited by:  Papers (1)
    Request Permissions | Click to expandAbstract | PDF file iconPDF (452 KB)  

    Multilevel security (MLS) technology offers capabilities to increase the effectiveness, efficiency, and security of operations that rely on information systems. The US unified and specified combatant commands have been surveyed to identify their operational requirements for MLS and near-term solutions to satisfy the common and most pervasive requirements. This paper summarizes the results of those... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • User interface for a high assurance, windowing system

    Publication Year: 1993 , Page(s): 256 - 264
    Cited by:  Papers (1)  |  Patents (7)
    Request Permissions | Click to expandAbstract | PDF file iconPDF (672 KB)  

    High assurance graphical user interfaces must walk a fine line between providing user-friendly features and providing so much functionality that the trusted portion of the user interface can no longer be considered “minimal”. This paper describes the user interface provided by TRW's Trusted X prototype and some of the tradeoffs made in its construction View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Transparent cosignatures for electronic documents

    Publication Year: 1993 , Page(s): 82 - 91
    Cited by:  Patents (3)
    Request Permissions | Click to expandAbstract | PDF file iconPDF (852 KB)  

    A major problem facing enterprises communicating via general electronic commercial documents is how to ensure that an incoming document is not only authentic in origin but also was legally authorized within the purported sending enterprise. Another one is how to ensure that only authorized documents leave an enterprise. To quickly identify unauthorized documents, even if authentication of source i... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • C2 auditing in the X Display Manager

    Publication Year: 1993 , Page(s): 265 - 271
    Cited by:  Patents (1)
    Request Permissions | Click to expandAbstract | PDF file iconPDF (332 KB)  

    This paper describes the implementation of C2 auditing in the MIT X Consortium X Display Manager (XDM) on a Sun Workstation. This custom implementation of XDM audits user logins, attempted logins and logouts by creating a C2 audit trail in the workstation's audit file. Additionally, when a user has exceeded a specified number of failed login attempts, the user's account and/or workstation may be d... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Representation of mental health application access policy in a monotonic model

    Publication Year: 1993 , Page(s): 195 - 209
    Cited by:  Papers (2)
    Request Permissions | Click to expandAbstract | PDF file iconPDF (712 KB)  

    The access policy to patients' records in a mental health hospital has only a verbal specification, and many formal systems fail to represent all the aspects of this problem. This paper uses an extension of SPM, which can represent revocation and conditional tickets, to model part of this access policy. Even with our extension, SPM still remains a monotonic model, where rights can be removed only ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A methodology for the use of single level RDBMS software in a multi-level secured system

    Publication Year: 1993 , Page(s): 11 - 20
    Cited by:  Papers (1)  |  Patents (2)
    Request Permissions | Click to expandAbstract | PDF file iconPDF (872 KB)  

    Considers the problem of implementing multilevel security on a compartmented mode workstation using single level relational database management software. A discussion of a large, military information management system is presented in terms of its architecture and security requirements. Trusted managers of the object abstractions used in the solution are explained, as well as the programming concer... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Database design and MLS DBMSs: an unhappy alliance?

    Publication Year: 1993 , Page(s): 232 - 243
    Cited by:  Papers (1)
    Request Permissions | Click to expandAbstract | PDF file iconPDF (808 KB)  

    Although much work has been performed in the areas of database design and MLS DBMSs, little has been done to marry the two areas together. It is shown that the implementation of a secure database design is not a trivial matter. Two MLS DBMSs, SWORD and SeaView, are used to demonstrate the problems of implementing simple secure application requirements View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Expressive power of the single-object typed access matrix model

    Publication Year: 1993 , Page(s): 184 - 194
    Cited by:  Patents (1)
    Request Permissions | Click to expandAbstract | PDF file iconPDF (676 KB)  

    The single-object typed access matrix (SOTAM) model was recently introduced in the literature by Sandhu and Suri (1992). It is a special case of Sandhu's typed access matrix (TAM) model (1992). In SOTAM individual commands are restricted to modifying exactly one column of the access matrix (whereas individual TAM commands in general can modify multiple columns). Sandhu and Suri have outlined a sim... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Modeling constructs for describing a complex system-of-systems

    Publication Year: 1993 , Page(s): 140 - 148
    Cited by:  Papers (1)
    Request Permissions | Click to expandAbstract | PDF file iconPDF (728 KB)  

    To gather and organize the information needed to perform a risk analysis of a complex system-of-systems, a risk analyst needs a well-defined set of modeling constructs. This paper describes the system/network modeling constructs being incorporated into Version 2.0 of the ANSSR (Analysis of Networked Systems Security Risks) prototype. These allow an analyst to describe a complex system-of-systems a... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • The deductive filter approach to MLS database prototyping

    Publication Year: 1993 , Page(s): 244 - 253
    Cited by:  Papers (1)
    Request Permissions | Click to expandAbstract | PDF file iconPDF (756 KB)  

    This paper proposes building a prototyping environment as part of the standard design process of multilevel secure database applications. For this paper we see the following contributions: First, based on a careful study of multilevel security requirements we developed a security constraints language (SCL) for specifying application dependent database security semantics. Second, we implemented SCL... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • COMPUSEC, a personal view

    Publication Year: 1993 , Page(s): X - XVIII
    Cited by:  Papers (1)
    Request Permissions | Click to expandAbstract | PDF file iconPDF (824 KB)  

    This paper expresses a personal view of the state of computer security technology and its practice based on 20 years of experience. The paper contains a discussion of some of the events and concepts that have influenced the technology, a discussion of how computer system architectures have changed, creating gaps in our knowledge about how to design and certify multilevel secure computer systems, a... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A second look at the SDNS key management protocol

    Publication Year: 1993 , Page(s): 74 - 81
    Request Permissions | Click to expandAbstract | PDF file iconPDF (468 KB)  

    The Secure Data Network System (SDNS) program has developed a security architecture based on the International Standardization Organization (ISO) Reference Model for Open Systems Interconnection (OSI). The SDNS standards include a key management protocol (KMP) designed to provide key material to lower layer security protocols. Unfortunately, although the specification has been publicly available f... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Integration of security services into the NORAD/USSPACECOM technical infrastructure: a case study

    Publication Year: 1993 , Page(s): 2 - 10
    Cited by:  Papers (1)
    Request Permissions | Click to expandAbstract | PDF file iconPDF (604 KB)  

    There is a growing trend to describe information system architectures in terms of reference models. This paper is a case study of how security services and mechanisms were integrated into one specific reference model, the NORAD/USSPACECOM Technical Infrastructure (N/U TI). The identification of security services and their placement in the N/U TI was motivated by a preliminary set of N/U security p... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • MLS file service for network data sharing

    Publication Year: 1993 , Page(s): 94 - 99
    Cited by:  Patents (2)
    Request Permissions | Click to expandAbstract | PDF file iconPDF (440 KB)  

    The style of networked file sharing that dominates modern workstations can provide a flexible and highly secure connection between networks operating at different security levels. We illustrate this by describing a highly secure multilevel file server under development as part of the Secure Network Server (SNS) Development Program. The file service, constructed with the Network File Service (NFS) ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Applying noninterference to composition of systems: a more practical approach

    Publication Year: 1993 , Page(s): 210 - 220
    Cited by:  Papers (3)
    Request Permissions | Click to expandAbstract | PDF file iconPDF (908 KB)  

    As we know, current hookup or composable properties may impose over-strong security requirements on component systems. To overcome this problem, connectivities of the components have to be considered in order to appropriately handle their composition. Based on such a consideration, in this paper we adopt the concept of rely- and guarantee-conditions to present a composable property of noninterfere... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Using logics to detect implementation-dependent flaws [cryptographic protocol design]

    Publication Year: 1993 , Page(s): 64 - 73
    Cited by:  Papers (3)
    Request Permissions | Click to expandAbstract | PDF file iconPDF (620 KB)  

    Vulnerabilities may be introduced at all stages of cryptographic protocol design. Reasoning about a protocol at a functional level does not unveil flaws which are inherently implementation-dependent. This paper uncovers a potential implementation-dependent flaw in a previously published protocol. Formal techniques should be able to analyse protocols with respect to such flaws. The epistemic logic ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Migrating a commercial-off-the-shelf application to a multilevel secure environment

    Publication Year: 1993 , Page(s): 21 - 28
    Request Permissions | Click to expandAbstract | PDF file iconPDF (744 KB)  

    As the number of vendors offering multilevel secure (MLS) operating systems has grown, there have been a corresponding increase in the number of commercial-off-the-shelf (COTS) applications that are designed to incorporate MLS, particularly database management systems (DBMS). However, most existing DBMS applications were designed for non-MLS environments. End users have been reluctant to move to M... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • On the shortest path to network security

    Publication Year: 1993 , Page(s): 149 - 158
    Cited by:  Patents (1)
    Request Permissions | Click to expandAbstract | PDF file iconPDF (924 KB)  

    The resource constrained shortest path model is a general framework for evaluating and understanding the security of computer networks. This paper derives the model from established computer security and risk analysis principles to provide an informal proof that a network security model based on the resource constrained shortest path is “correct”. Thus the resource constrained shortest... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • MultiView model for object-oriented database

    Publication Year: 1993 , Page(s): 222 - 231
    Request Permissions | Click to expandAbstract | PDF file iconPDF (844 KB)  

    Up till now, a few secure models of object oriented databases have been proposed. Most of them support multilevel entities and more or less cover stories. In this paper, we undertake a more natural approach to model object oriented databases supporting multilevel entities which cope with the shortcomings of the previous models, viz the need of trusted mechanisms, the management of polyinstantiated... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.