A New Approach to the Specification of Computer Security Poilicies
Author
Ivan Krsul, Eugene Spafford, Tugkan Tuglular
Institution
COAST Laboratory
Affiliation
Purdue University
Publication Date
0000-00-00
Contents
Abstract
1. Introduction
2. Notation
3. Definitions of Policies
4. Proposed Model
5. Modeling Existing Policies
5.1 Mandatory Access Control
5.2 Discretionary Access Control5.3 Lattice Structure
5.4 Information Flow
5.5 Integrity
5.6 Identification and Authentication
6. Modeling Policies for COTS Systems
6.1 The use of games during business hours
6.2 Stock Market Operations
6.3 File access restriction in Java
7. Modeling Policies that Incorporate the Notion of Time
8. Future Work
8.1 Development of a Comprehensive Library of Policy Functions
8.2 Limited Policy Violation Prevention
9. Conclusions
References
Location
A hard-copy of this is in the CERIAS Library