Evaluating system integrity

Abstract: Conventional models of system integrity tend to be implementation-oriented in that they define integrity in terms of specific controls such as separation of duties, wellformed transactions, and so forth. In this paper we propose a formal definition of integrity that is based on the notion of dependability and is implementation independent. Using a series of examples, we argue that separation of duties, assured pipelines, fault-tolerance, and cryptography may be viewed as implementation techniques for achieving… Show more

“…In the following we show by using examples from [12,13], how functional requirements can be expressed as requirements in terms of constraints on variables that are invariant over the lifetime of the system. Example 3 A simple enterprise receives shipments, and generates associated payments for a supplier.…”

“…Dependability is characterized as a "property of a computer system such that reliance can be justifiably placed on the service it delivers" [15]. In [12,13] this notion of dependability may be viewed as a class of refinement whereby the nature of the reliability of the enterprise is explicitly specified.…”

Soft Constraints for Security

“…In the following we show by using examples from [12,13], how functional requirements can be expressed as requirements in terms of constraints on variables that are invariant over the lifetime of the system. Example 3 A simple enterprise receives shipments, and generates associated payments for a supplier.…”

“…Dependability is characterized as a "property of a computer system such that reliance can be justifiably placed on the service it delivers" [15]. In [12,13] this notion of dependability may be viewed as a class of refinement whereby the nature of the reliability of the enterprise is explicitly specified.…”

Soft Constraints for Security

External Consistency and the Verification of Security Protocols

A Constraint Framework for the Qualitative Analysis of Dependability Goals: Integrity