1984 IEEE Symposium on Security and Privacy

29 April-2 May 1984

  • Welcome from the General Chairperson

    Publication Year: 1984, Page(s): iii
  • Comments from the program Co-Chairperson

    Publication Year: 1984, Page(s): iv
  • An Augmented Capability Architecture to Support Lattice Security and Traceability of Access

    Publication Year: 1984, Page(s): 2
    Cited by:  Papers (16)  |  Patents (6)

    This paper describes a protection system that supports the confinement of access as required by non-discretionary access control models such as the Bell and LaPadula lattice model. The approach is to use capability-based protection at the lowest level for implementing confined domains, in support of access control lists for expressing security policies outside the security kernel. The implementati...
  • KVM/370 in Retrospect

    Publication Year: 1984, Page(s): 13
    Cited by:  Papers (8)  |  Patents (1)

    KVM/370 (Kernelized Virtual Machine System 370) is based on IBM's Virtual Machine operating system, VM/370. KVM/370 is a general purpose operating system that enforces DoD military security policy using kernel technology. Funded as a small research project in 1976, the system has undergone continuous development since 1978 when implementation was begun by System Development Corporation. This pap...
  • Linus IV-An Experiment in Computer Security

    Publication Year: 1984, Page(s): 24
    Cited by:  Papers (4)  |  Patents (4)

    In the past few years, there has been considerable effort by industry and government to develop secure operating systems. In recent months, the movie War Games and the Milwaukee 414 club have brought attention to the computer security problem long suppressed by embarrassed system administrators. One likely candidate for security enhancements is the UNIX operating system. The portability and sharing c...
  • Hardware Requirements for Secure Computer Systems: A Framework

    Publication Year: 1984, Page(s): 34
    Cited by:  Papers (1)

    This report develops a new set of criteria for evaluating computer architectures that are to support systems with security requirements. Central to these criteria is the concept of a domain, here interpreted as a set of information and authorizations for the manipulation of that information in a computer system. Architectural requirements are grouped in three categories: logical structure, the physi...
  • Toward an Understanding of Extensible Architectures for Evaluated Trusted Computer System Products

    Publication Year: 1984, Page(s): 41
    Cited by:  Papers (5)

    It has been a tenet of the computer security research and development community that policy enforcement mechanisms must be designed into systems at the time of their conception rather than retrofitted on to existing systems. The paper examines what it means for an architecture to be extensible with respect to security. Results are shown of an examination of the Trusted Computer System Evaluation C...
  • Cryptographic Checksums for Multilevel Database Security

    Publication Year: 1984, Page(s): 52
    Cited by:  Papers (10)  |  Patents (8)

    The 1982 Air Force Summer Study on Multilevel Data Management Security recommended several approaches to designing a multilevel secure database system. One of the approaches uses an untrusted database system to manage the data, and an isolated trusted filter to enforce security. The filter attaches a security classification label to each data record, computes an unforgeable cryptographic checksum o...
  • The Integrity-Lock Approach to Secure Database Management

    Publication Year: 1984, Page(s): 62
    Cited by:  Papers (12)  |  Patents (2)

    This paper presents the integrity-lock approach to database security. The integrity-lock approach offers a "near-term" solution to the problems of database security. It makes use of existing technology emphasizing the use of encryption, and minimizing as much as possible the amount of trusted code required to insure the security of the data. The paper presumes the existence of an "off-the-shelf" d...
  • Unwinding and Inference Control

    Publication Year: 1984, Page(s): 75
    Cited by:  Papers (105)

    This paper discusses two main ideas, unwinding and inference control. While both concern computer security, they are not closely related to each other. Unwinding is a verification technique for general security requirements based on noninterference assertions as in [Goguen & Meseguer 82a]. The inference control problem concerns preventing inference of unauthorized information by combining auth...
  • A Secure One-Way Hash Function Built from DES

    Publication Year: 1984, Page(s): 88
    Cited by:  Papers (8)

    Applying a one-way hash function is a useful preliminary to digitally signing a message, both for security and efficiency. Several proposals for building such a function out of DES have been shown to be insecure. This talk studies a proposal due to Davies, and provides some evidence for its security. We prove security under a black box model. That is, we consider algorithms which call the encrypti...
  • Searching for Public-Key Cryptosystems

    Publication Year: 1984, Page(s): 91
    Cited by:  Patents (1)

    This article suggests the use of undecidable problems in constructing public-key cryptosystems. Any such system must still be in NP, but intuitive arguments suggest that this approach might be a reasonable alternative to the use of NP-complete problems. A general approach based on the undecidable word problem for groups is discussed, though without enough detail to evaluate a specific implementati...
  • A New Paradigm for Individuals in the Information Age

    Publication Year: 1984, Page(s): 99
    Cited by:  Patents (2)

    Today, individuals provide substantially the same identifying information to each organization with which they have a relationship. In a new paradigm, individuals provide different "pseudonyms" or alternate names to each organization. A critical advantage of systems based on such pseudonyms is that the information associated with each pseudonym can be insufficient to allow data on an individual to...
  • The Use of Ada as an Implementation Language in Formally Specified Systems

    Publication Year: 1984, Page(s): 107

    Formal specification languages such as SPECIAL and Ina Jo were designed to be used with a variety of implementation languages. Our attempts to use them with Ada are reviewed here. In order to develop a rational compliance document which shows how Ada code implements the formal specification it was necessary to bypass most of the structuring features of the specification language and to use just th...
  • Practical Experience with an Ada-Based Formal Specification/Language on a Large Project

    Publication Year: 1984, Page(s): 111

    Ford Aerospace is successfully using an Ada-based formal specification language on a large project to specify and manually verify security properties. This paper, and the associated panel presentation at the 1984 Symposium on Security and Privacy, deal with Customer requirements in the area of security, the use of "Ada Design Language Extensions" (ADLE) as the formal specification language, and th...
  • Ottawa Euclid and EVES: A Status Report

    Publication Year: 1984, Page(s): 114

    I.P. Sharp Associates, under the sponsorship of the United States Navy and the Canadian Department of National Defence, is developing a formal program verification and evaluation system based on the Euclid programming language. The central application of the system is to be the development of security related software. This paper reports the status of the project, as of early 1984, and discusses s...
  • Analysis of a Kernel Verification

    Publication Year: 1984, Page(s): 125
    Cited by:  Papers (6)

    This paper reports on the analysis and evaluation of the SCOMP kernel verification. The SCOMP system was developed by Honeywell FSD and is targeted at the A1 class of the DoD Trusted Computer System Evaluation Criteria [CSC8S]. It is currently under evaluation by the Department of Defense Computer Security Center (DoDCSC). The work reported on here is significant in that the SCOMP system is the fi...
  • The Interrogator A Tool for Cryptographic Protocol Security

    Publication Year: 1984, Page(s): 134
    Cited by:  Papers (8)  |  Patents (1)

    Computer networks employ encryption for several purposes, including private communication, message authentication, and digital signatures. The correctness and security of these applications depend not only on the strength of the cryptographic algorithms, but also on the procedures for key management.
  • Executable Logic Specifications: A New Approach

    Publication Year: 1984, Page(s): 142

    This paper discusses the use of logic programming techniques in the specification and verification of secure systems. The secure systems specifications discussed are formal and directly executable. The advantages of executable specifications are: (1) the specification is itself a prototype of the specified system, (2) incremental development of specifications is possible, (3) behavior exhibited by ...
  • Formal Verification of a Secure Network with End-to-End Encryption

    Publication Year: 1984, Page(s): 154
    Cited by:  Papers (3)  |  Patents (2)

    A formal specification and verification of a simple secure communications network using end-to-end encryption is presented. It is shown that all data sent over the network is encrypted and all hosts on the network exchange messages only if they are authorized to do so. The network and its hosts are modelled by a set of concurrent processes that communicate via unidirectional buffers. Each process ...
  • Multi-Level Security Based on Physical Distribution

    Publication Year: 1984, Page(s): 167

    We are interested in multi-level secure networks in which the host systems are required to conform to a multi-level security policy such that information is constrained to flow between hosts only in certain ways. The problem of interest is how to most efficiently block such flows in the face of the threat of untrusted software running on the communication sub-network processors and on all or some ...
  • Attacks on Computers: Congressional Hearings and Pending Legislation

    Publication Year: 1984, Page(s): 180

    During the First Session of the 98th Congress, several days of hearings were held on the activities of "computer enthusiasts" including the Milwaukee 414s and others. The First Session also saw the introduction in the House of six bills dealing with various aspects of computer crime. A summary of those hearings, along with a summary of the pending computer crime bills, will be presented.
  • A Formal Statement of the MMS Security Model

    Publication Year: 1984, Page(s): 188
    Cited by:  Papers (3)

    To provide a firm foundation for proofs about the security properties of a system specification or implementation, a formal statement of its security model is needed. This paper presents a formal model that corresponds to an informal, application-based security model for military message systems (MMS) that has been documented elsewhere. Following the formal statement, some considerations that led ...
  • Comparison Paper between the Bell and LaPadula Model

    Publication Year: 1984, Page(s): 195
    Cited by:  Papers (3)

    This paper provides a brief explanation of the two most cited models in the field of computer security and points out the basic differences between them. There is a common misconception in the field that the MLS tool for HDM is designed to be an implementation of the Bell and LaPadula model. In fact, the MLS tool is an implementation of a model that resembles Bell and LaPadula in some aspects but ...
  • Design Experiences from the Multilevel Secure MCF Operating System

    Publication Year: 1984, Page(s): 204

    The multilevel secure Military Computer Family Operating System program will provide a new high-water mark for multilevel security design and definition. The operating system will be the first verified Ada* program, and will be a fielded multilevel secure operating system. The operating system is being built for a new machine that has significant architectural features for security. This paper re...