A Taxonomy of UNIX System and Network

Get BibTex-formatted data

Author

Matt Bishop

Entry type

techreport

Abstract

In this paper, we shall build on prior work to present another taxonomy, and argue that this classification scheme highlights characteristics of the vulnerablilities it classifies in a more useful way than other work. We shall then examine vulnerabilities in the UNIX operating system, its system and ancillary software, and classify the security-related problems several axes, after which we shall examine the earlier work to see if this taxonomy holds for other systems. The unique contribution of this work is an analysis of how to use the Protection Analysis work to improve security of exsisting systems, and how to write programs with minimal exploitable security flaws. This contrasts the work [4], which argued that a preventative approach using formal methods to design secure systems is appropriate. We emphatically agree; however, as nonsecure systems continue to be used, our work is presented with hope it will guide maintainers and software implementers to improve the security of these flawed systems and software.

Date

1995 – May

Address

Davis, CA 95616-8562

Institution

University of California at Davis

Key alpha

Bishop

Publication Date

0000-00-00

Location

A hard-copy of this is in the Papers Cabinet

BibTex-formatted data

To refer to this entry, you may select and copy the text below and paste it into your BibTex document. Note that the text may not contain all macros that BibTex supports.

@Techreport{ Bishop,
	title = "A Taxonomy of UNIX System and Network",
	author = "Matt Bishop",
	year = "1995",
	month = "May",
	address = "Davis, CA 95616-8562",
	institution = "University of California at Davis",
	abstract = "In this paper, we shall build on prior work to present another taxonomy,
and argue that this classification scheme highlights characteristics
of the vulnerablilities it classifies in a more useful way than other work.
We shall then examine vulnerabilities in the UNIX operating system, its
system and ancillary software, and classify the security-related problems
several axes, after which we shall examine the earlier work to see if this
taxonomy holds for other systems. The unique contribution of this work is an
analysis of how to use the Protection Analysis work to improve security of
exsisting systems, and how to write programs with minimal exploitable security
flaws. This contrasts the work [4], which argued that a preventative approach
using formal methods to design secure systems is appropriate. We emphatically agree;
however, as nonsecure systems continue to be used, our work is presented with hope
it will guide maintainers and software implementers to improve the security of these
flawed systems and software.",
}