Proceedings Seventh Annual Computer Security Applications Conference

2-6 Dec. 1991

Filter Results

Displaying Results 1 - 25 of 25
  • Rebus passwords

    Publication Year: 1991, Page(s):239 - 243
    Cited by:  Papers (1)
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (340 KB)

    The paper discusses a mechanism to aid users in the memorization of randomly generated nonsense passwords. The mechanism uses association and pictures and is based on techniques that have long been used as a means of memorizing information. The motivation for this work is the increased need to make passwords more difficult to guess and the necessity to keep them easy to remember. This mechanism ma... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Observations on integrating multilevel secure components into system high distributed systems

    Publication Year: 1991, Page(s):230 - 238
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (658 KB)

    The implementation of distributed systems includes an extensive component integration effort. Integrating secure components into a distributed system is a task more difficult than standard integration. Current system high distributed secure systems will be transitioned to multilevel secure systems as multilevel secure components become available. Considerations and changes that are required for su... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Security considerations in the acquisition of computer systems

    Publication Year: 1991, Page(s):224 - 229
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (322 KB)

    The paper describes Air Force System Security Memorandum (AFSSM) 5024, security considerations in the acquisition of computer systems, and how to go about a multidisciplinary approach for including security in any system development or acquisition. The AFSSM is a handbook for program managers providing guidance on developing security specifications for requests for proposals (RFP), including contr... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Considerations for applying disk encryptors to environments subject to hostile overrun

    Publication Year: 1991, Page(s):218 - 222
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (352 KB)

    The paper presents a list of considerations for applying a commercial off-the-shelf disk encryptor to an environment where hostile overrun is a significant threat. The considerations include: how the encryption device is configured and interfaced to the workstation, host, or server; encryption key management including key entry, changeover, and quick destruct; and long term off-line storage.<&l... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Proposed security for critical Air Force missions

    Publication Year: 1991, Page(s):209 - 217
    Cited by:  Papers (1)
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (562 KB)

    Air Force missions could be forced to fail by an enemy agent launching a malicious logic attack. These missions must be protected. Because of the imminent, potential danger, a protection approach has been developed that is easily understood and implemented for a minimum cost-because it uses Orange Book methods and mechanisms. The criteria for protection of critical systems are given as the G3 divi... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Fielding multilevel security into command and control systems

    Publication Year: 1991, Page(s):202 - 208
    Cited by:  Patents (5)
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (542 KB)

    The Joint MLS Technology Insertion Program was established by the Joint Staff J6 in January 1990. A key component of the Joint MLS program is the DoD testbed at Military Airlift command (MAC). Scott Air Force Base (AFB), Illinois. The testbed is addressing critical secure system integration issues associated with expediting the deployment of MLS capabilities and components into operational command... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Complete containment sets and their application to the inference problem

    Publication Year: 1991, Page(s):187 - 200
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (1061 KB)

    An approach to the inference problem in database security is described. This new approach is based on existing ideas in query containment theory. This theory may be used to generalize query modification, a query answering approach that allows a user to write a query that is beyond his access privileges, but the system will construct a set of similar queries that is within his privileges. This gene... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Domain reduction dependencies: A new type of dependency for statistical database security

    Publication Year: 1991, Page(s):178 - 186
    Cited by:  Patents (2)
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (672 KB)

    A new type of data dependency, the domain reduction dependency is defined. Given a set of attributes over which a query is being made, this dependency allows one to more accurately predict the probability of release of sensitive statistics for that query than could have been done with table size alone. In addition, the properties of DRDs provide metainformation on the gain and loss of information ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A multilevel secure relational data model based on views

    Publication Year: 1991, Page(s):166 - 177
    Cited by:  Papers (3)  |  Patents (4)
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (1059 KB)

    In order to overcome certain limitations when applied to relational databases, a data model is introduced that is not fully based on the bell-LaPadula security paradigm. The starting point is a conceptual relational database schema and a set of views, representing user groups and applications. Based on the definition of views, the relations of the conceptual schema are decomposed in a set of disjo... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A distributed implementation of the extended schematic protection model

    Publication Year: 1991, Page(s):152 - 164
    Cited by:  Papers (4)
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (763 KB)

    Protection models provide a formalism for specifying control over access to information and other resources in a multi-user computer system. One such model, the extended schematic protection model (ESPM) has expressive power equivalent to the monotonic access matrix model of Harrison, Ruzzo, and Ullman (1976). Yet ESPM retains tractable safety analysis for many cases of practical interest. Thus ES... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • To Bell and back: developing a formal security policy model for a C/sup 2/ system

    Publication Year: 1991, Page(s):143 - 151
    Cited by:  Papers (1)
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (566 KB)

    The authors describe several interesting aspects of the development of a formal security policy model for a military command and control (C/sup 2/) system. The C/sup 2/ system is being built to meet the B3 division and class of DOD 5200.28 STD. The paper discusses the real world issues involved in developing a useful and accurate model of a very complex security policy. The policy developed for th... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Verification of the security of a secure network component

    Publication Year: 1991, Page(s):132 - 142
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (720 KB)

    The author formally proves using a mechanical verifier that a security multiplexer for a network is secure and has no timing channels. While this multiplexer is only a small piece of a system, it handles multiple security levels and contains a process and two procedures that interact with other parts of the system. Security is expressed using an information flow model, extended to handle time. He ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Modeling internal controls of automated teller machine (ATM) systems: A computerized decision aid for design and evaluation

    Publication Year: 1991, Page(s):120 - 129
    Cited by:  Patents (2)
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (674 KB)

    The study identifies and models internal controls of automated teller machine systems used by the banking industry. A reliability model of internal controls of ATM systems using series, parallel, and simple structures is presented. Control items and relationships are justified based on the engineering, computer, and auditing literatures. Use and limitations of this model are also discussed. An ATM... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Security modelling using hierarchical state machines

    Publication Year: 1991, Page(s):110 - 119
    Cited by:  Patents (30)
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (689 KB)

    The paper defines a modelling scheme that allows for abstraction to simplify security analysis, while at the same time permitting a full description of detailed system behaviour. The basis for the model is a hierarchy of state machines. The security equivalence of the varying levels of abstraction is proven, thereby demonstrating the validity of the model. Also, practical considerations regarding ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • High level prevention of traffic analysis

    Publication Year: 1991, Page(s):102 - 109
    Cited by:  Papers (19)  |  Patents (1)
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (561 KB)

    The paper gives a mathematical model for prevention of traffic analysis in network security and suggests an approach for prevention of unauthorized release of information concerning traffic patterns. The model assumes that an eavesdropper may read the contents of all links, including the source and destination, and that all countermeasures are performed at the transport layer. The goal of the coun... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • An audit model for object-oriented databases

    Publication Year: 1991, Page(s):90 - 99
    Cited by:  Papers (1)  |  Patents (6)
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (594 KB)

    Auditing capability is one of the requirements for secure databases. A secure database management system, among other things, has to provide not only facilities for recording the history of all updates and queries against the database but high-level support for querying this history as well. The authors present an audit model for object-oriented databases that satisfies both requirements. The mode... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Real-time anomaly detection using a nonparametric pattern recognition approach

    Publication Year: 1991, Page(s):80 - 89
    Cited by:  Papers (9)  |  Patents (32)
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (560 KB)

    Obstacles to achieving anomaly detection in real time include the large volume of data associated with user behavior and the nature of that data. The paper describes preliminary results from a research project which is developing a new approach to handling such data. The approach involves nonparametric statistical methods which permits considerable data compression and which supports pattern recog... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Network auditing: issues and recommendations

    Publication Year: 1991, Page(s):66 - 79
    Cited by:  Patents (2)
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (1078 KB)

    Auditing can be used to detect abuse or intrusion into a computer system in some cases or if the abuse or intrusion is discovered by other means, the audit can be used after-the-fact to help determine the amount of damage that has occurred on the system. The deterrent presented by the audit trail is also important. In the past, audit trails have usually been oriented to standalone processors. The ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • An implementation of access control using a salient feature of primes

    Publication Year: 1991, Page(s):56 - 64
    Cited by:  Papers (2)  |  Patents (1)
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (715 KB)

    A method of implementing access control for computer resources is presented, along with examples and possible enhancements. An appropriate application for such resource control can be found in computer operating systems. Thus, the need for resource control is described first, followed by descriptions of some common implementations and the impetus for their development. In light of this discussion,... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A prototype B3 trusted X Window System

    Publication Year: 1991, Page(s):44 - 55
    Cited by:  Papers (10)  |  Patents (1)
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (1153 KB)

    Multilevel secure windowing systems are a key technology for the 1990s. The authors have spent 20 months designing and implementing a prototype of a multilevel secure X Window System as a proof of concept vehicle for their software engineering process model for the development of trusted systems. The prototype is targeted to B3 evaluation criteria. In the early stages many doubted that B3 was achi... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Towards trusted cut and paste in the X Window System

    Publication Year: 1991, Page(s):34 - 43
    Cited by:  Papers (4)  |  Patents (2)
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (948 KB)

    The X Window System (X) has become one of the most popular window systems available. However, to use X in a trusted environment, a variety of security issues must be addressed. Among these issues is how to mediate interwindow data moves in a manner consistent with a system's security policy. Current interpretations of existing security requirements state that interwindow moves must be subject not ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Security constraint processing during the update operation in a multilevel secure database management system

    Publication Year: 1991, Page(s):23 - 32
    Cited by:  Papers (1)  |  Patents (4)
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (928 KB)

    In a multilevel secure database management system (MLS/DBMS), users cleared at different security levels access and share a database consisting of data at different sensitivity levels (also called security levels) to data is one which utilizes security constraints or classification rules. Security constraints provide an effective and versatile classification policy. They can be used to assign secu... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Using polyinstantiation to develop an MLS application

    Publication Year: 1991, Page(s):12 - 22
    Cited by:  Papers (3)
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (805 KB)

    Polyinstantiation has generated a great deal of controversy in the multilevel secure (MLS) database management system (DBMS) research community, but few practical examples of its usage exist. The paper describes and analyses the planned use of polyinstantiation at the United States Transportation Command Military Airlift Command (USTRANSCOM/MAC), describes several DBMS processing anomalies unique ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A single-level scheduler for the replicated architecture for multilevel-secure databases

    Publication Year: 1991, Page(s):2 - 11
    Cited by:  Papers (8)  |  Patents (3)
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (888 KB)

    The replicated architecture for multilevel secure database systems provides security by replicating data into separate untrusted single-level database systems. To be successful, a system using the replicated architecture must have a concurrency and replica control algorithm that does not introduce any covert channels. Jajodia and Kogan (1990) have developed one such algorithm that uses update proj... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Proceedings. Seventh Annual Computer Security Applications Conference (Cat. No.91TH0416-8)

    Publication Year: 1991
    Request permission for reuse | PDF file iconPDF (31 KB)
    Freely Available from IEEE