The Center for Education and Research in Information Assurance and Security (CERIAS)

Reports and Papers Archive


Threat Assessment of Malicious Code and External Attacks

Lawrence E. Bassham, W. Timothy Polk
Added 2002-07-26

Minimum Security Requirements for Multi-User Operating Systems

U.S. Department of Commerce

The Minimum Security Requirements for Multi-User Operating Systems (MSR) document provides basic commercial computer system security requirements applicable to both government and commercial organizations.  These requirements include technical measures that can be incorporated into multi-user, remote-access, resource-sharing, and information-sharing computer systems.  The MSR document was written from the perspective of protecting the confidentiality and integrity of an organization's resources and promoting the continual availability of these resources.  The MSR presented in this document form the basis for the commercially oriented protection profiles in Volume II of the draft Federal Criteria for Information Technology Security document (known as the Federal Criteria).  The Federal Criteria is currently a draft and supersedes this document. The MSR document has been developed by the MSR Working Group of the Federal Criteria Project under National Institute of Standards and Technology (NIST) leadership with a high level of private sector participation.  Its contents are based on the Trusted Computer System Evaluation Criteria (TCSEC) C2 criteria class, with additions from current computer industry practice and commercial security requirements specifications.

Added 2002-07-26

Technology As Assessment: Methods for Measuring the Level of Computer Security

William Neugent, John Gilligan, Lance Hoffman, Zella G. Ruthberg

Added 2002-07-26

Keeping Your Site Comfortably Secure: An Introduction to Internet Firewalls

John P. Wack, Lisa J. Carnahan

This document provides an overview of the Internet and security-related problems.  It then provides an overview of firewall components and the general reasoning behind firewall usage.  Several types of network access policies are described, as well as technical implementations of those policies.  Lastly, the document contains pointers and references for more detailed information. The document is designed to assist users in understanding the nature of Internet-related security problems and what types of firewalls will solve or alleviate specific problems.  Users can then use this document to assist in purchasing or planning a firewall.

Added 2002-07-26


Computer Security Training Guidelines

Mary Anne Todd, Constance Guitian
Added 2002-07-26

Accuracy, Integrity, and Security in Computerized Vote-Tallying

Roy G. Saltman

Recommendations are provided to promote accuracy, integrity, and security in computerized vote-tallying, and to improve confidence in the results produced.  The recommendations respond to identified problems, and concern software, hardware, operational procedures, and institutional changes. It is proposed that the concept of internal control, almost universally used to protect operations that produce priced goods or services, be adapted to vote-tallying, a non-priced service.  For software, recommendations concern certification, assurance of logical correctness, and protection against contamination by hidden code.  For hardware, recommendations concern accuracy of ballot reading, and design and certification of vote-tallying systems that do not use ballots.  Improved pre-election testing and partial manual recounting of ballots are recommended operational procedures. Some recent significant events concerning computerized vote-tallying are reported.  These events include development of performance specifications, publication of a series of New York Times articles, and activities in Texas leading to passage of a revised statute on electronic voting systems. Relative vulnerabilities of different types of vote-tallying systems, i.e. punch card, mark-sense, and direct recording electronic, are discussed.  Certain recent elections in which difficulties occurred are reviewed, and categories of failure are highlighted.

Added 2002-07-26


Guideline on Integrity Assurance and Control in Database Administration

U.S. Department of Commerce

The Guideline provides explicit direction to Federal database administration and database security personnel on how to improve database control.  The document identifies integrity and security problems in the administration of database technology, and discusses those procedures and methods which have proven effective in addressing these problems.  The document also provides an explicit, step-by-step procedure for examining and verifying the accuracy and completeness of a database.

Added 2002-07-26

Security Relevancy Analysis On The Registry Of Windows NT 4.0

CERIAS TR 1999-04
Wenliang Du, Praerit Garg, Aditya P. Mathur
Download: PDF
Added 2002-07-26

Testing for Software Vulnerability Using Environment Perturbation

CERIAS TR 1999-05
Wenliang Du, Aditya P. Mathur
Download: PDF
Added 2002-07-26

Protocols for Secure Remote Database Access

Wenliang Du
Added 2002-07-26

Multi-Commodity Private Bidding and Auctions

Mikhail J. Atallah and Wenliang Du
Added 2002-07-26


Towards a Calculus of Secure Mobile Computations

Jan Vitek and Giuseppe Castagna

The SEAL calculus is a calculus of mobile computations
designed for programming secure distributed
applications over large scale open networks. The
calculus is a distributed variant of the pi-calculus
that incorporates agent mobility as well as strong
protection mechanisms. Linear, revocable, capabilities
control access to resources and ensure that agents may
only use resources that have been allocated to them.
Capabilities are also used to protect agents from the
hosts on which they execute. The syntax and semantics
of the SEAL calculus are presented and its expressive
power is demonstrated with an example secure mobile

Added 2002-07-26