Proceedings of 1995 New Security Paradigms Workshop

22-25 Aug. 1995

Filter Results

Displaying Results 1 - 12 of 12
  • 'tsupdood? Repackaged problems for you and MMI [security]

    Publication Year: 1995, Page(s):2 - 10
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (758 KB)

    Changes in computer usage have significantly changed the so-called computer security, network security and information security problems. The changes are largely due to the rapid proliferation and interconnection of computers and the associated distribution of software. Of concern is the uncontrolled nature of this activity: systems and workstations are often interconnected without notice being gi... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Security for infinite networks

    Publication Year: 1995, Page(s):11 - 19
    Cited by:  Patents (14)
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (801 KB)

    Although network security theory forbids many connections to large networks as being too risky, the reality is that large numbers of sensitive systems are connected to the Internet and that connectivity is increasing at a rapid rate. Firewalls and host protection mechanisms are used in a somewhat arbitrary fashion, depending more on the availability of products than on a clear understanding of sec... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Research issues in authorization models for hypertext systems

    Publication Year: 1995, Page(s):22 - 28
    Cited by:  Papers (2)
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (731 KB)

    The proper characteristics of hypertext systems, such as absence of a schema, connections among the different "chunks" of information, and the possibility of navigating in the hypertext, make conventional authorization models inadequate for their protection. These characteristics on the one hand raise new protection requirements, thus making the problem of protection much harder; while on the othe... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Unhelpfulness as a security policy, or it's about time

    Publication Year: 1995, Page(s):29 - 32
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (312 KB)

    Suggests the possibility of controlling the rate of release of information as well as whether the information can be released at all. If the user must have access to information but does not require fast access to large amounts of data, the system can release the information to that user in a slow and unhelpful manner. The addition of the parameter of time acts as a deterrent to information collec... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • QuARC: expressive security mechanisms

    Publication Year: 1995, Page(s):34 - 40
    Cited by:  Papers (1)  |  Patents (9)
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (765 KB)

    Security mechanisms in current distributed computer systems only allow a small range of security policies to be implemented. We present the QuARC (Quantitative Authentication, Rule-based roles and Committees) system, which uses some unusual mechanisms that allow it to implement a much wider variety of policies. This allows computer security policies to be much better aligned with organisational po... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Administration in a multiple policy/domain environment: the administration and melding of disparate policies

    Publication Year: 1995, Page(s):42 - 52
    Cited by:  Patents (23)
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (906 KB)

    New standards for trusted systems propose multiple security policies and multiple policy domains. My experience with building a multi-policy machine prototype illustrated that multiple policy domains and complex policies push current policy administration techniques, tools and user interfaces beyond their limits. This paper proposes a holistic approach to policy administration, consisting of human... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Virtual enterprises and the enterprise security architecture

    Publication Year: 1995, Page(s):53 - 64
    Cited by:  Patents (9)
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (1038 KB)

    The emergence of internetworked systems has given corporations and government agencies the opportunity to share information in unprecedented fashion. This sharing can be distributed across several enterprises. In effect, actual enterprises with shared interests can form virtual enterprises. There are significant security implications in this. An enterprise must not only protect the confidentiality... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Software system risk management and assurance

    Publication Year: 1995, Page(s):66 - 74
    Cited by:  Papers (1)
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (696 KB)

    Security, assurance and risk management in software systems are viewed in terms of three historical generations, with significant paradigm shifts occurring in each generation. The software community is currently on the brink of the third generation, and needs advances in modeling, risk theory, tools and assurance methods. The third generation is characterized by a broader, more integrative perspec... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Applying the dependability paradigm to computer security

    Publication Year: 1995, Page(s):75 - 79
    Cited by:  Papers (6)
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (523 KB)

    Dependability is that property of a computer system such that reliance can justifiably be place on the service it delivers. In this paper, we contrast the way different ways faults are handled in the dependability paradigm with the way they are handled in the current paradigms for secure system design. We show how the current security paradigm is generally restricted to a subset of the types of ap... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Pretty good assurance

    Publication Year: 1995, Page(s):82 - 89
    Cited by:  Papers (5)
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (605 KB)

    This paper describes the need for pretty good assurance: clearly stated claims about the security properties of systems accompanied by evidence that explains in clear terms why we should believe that these claims are substantiated. Several different types of threats are identified and their relationships to assurance are explored. The developer's role in creating on assurance argument is distingui... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Credentials for privacy and interoperation

    Publication Year: 1995, Page(s):92 - 100
    Cited by:  Papers (12)  |  Patents (3)
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (902 KB)

    We consider the problem of providing secure, private access to applications and data in a world-wide distributed client-server environment such as the Internet of the future. In such a system, the set of potential users of a service may extend far beyond the local community knowable to the application providing the service. Applications will not generally have prior knowledge of the individual mak... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Author index

    Publication Year: 1995
    Request permission for reuse | PDF file iconPDF (26 KB)
    Freely Available from IEEE