The protection of information in computer systems

Saltzer, Jerome H.; Schroeder, Michael

doi:10.1109/proc.1975.9939

Cited by 1,576 publications

(655 citation statements)

References 50 publications

Supporting

Mentioning

614

Contrasting

Unclassified

Order By: Relevance

“…A number of basic principles and security engineering notions come into play. Among these are the ordering of security dependencies, the ordering of trust and trustworthiness [45], and the principle of least privilege [65] as manifested in the organization of components that enforce or support the enforcement of policy, as well as components that are trusted with respect to policy.…”

Section: High Assurance Allocation Of Policymentioning

confidence: 99%

MYSEA: The Monterey Security Architecture

Irvine¹,

Nguyen²,

Shifflett³

et al. 2009

View full text Add to dashboard Cite

Mandated requirements to share information across different sensitivity domains necessitate the design of distributed architectures to enforce information flow policies while providing protection from malicious code and attacks devised by highly motivated adversaries. The MYSEA architecture uses component security services and mechanisms to extend and inter-operate with commodity PCs, commodity client software, applications, trusted components, and legacy single level networks, providing new capabilities for composing secure, distributed multilevel secure solutions. This results in an architecture that meets two compelling requirements: first, that users have a familiar work environment, and, second, that critical mandatory security policies are enforced.

show abstract

Section: High Assurance Allocation Of Policymentioning

confidence: 99%

MYSEA: The Monterey Security Architecture

Irvine¹,

Nguyen²,

Shifflett³

et al. 2009

View full text Add to dashboard Cite

show abstract

“…The main capability-system design rule, the principle of least authority (sometimes called the "principle of least privilege" [31]) requires one to design interfaces such that authority is handed out only on a need-to-do basis [6].…”

Section: Six Perspectivesmentioning

confidence: 99%

Capability-Based Financial Instruments

Miller¹,

Morningstar²,

Frantz³

2001

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. Every novel cooperative arrangement of mutually suspicious parties interacting electronically -every smart contract -effectively requires a new cryptographic protocol. However, if every new contract requires new cryptographic protocol design, our dreams of cryptographically enabled electronic commerce would be unreachable. Cryptographic protocol design is too hard and expensive, given our unlimited need for new contracts.Just as the digital logic gate abstraction allows digital circuit designers to create large analog circuits without doing analog circuit design, we present cryptographic capabilities as an abstraction allowing a similar economy of engineering effort in creating smart contracts. We explain the E system, which embodies these principles, and show a covered-call-option as a smart contract written in a simple security formalism independent of cryptography, but automatically implemented as a cryptographic protocol coordinating five mutually suspicious parties.

show abstract

“…Access control is the most primary means on the data protection [2]. But, it are mainly applicable to single control domain, and so are not suitable for cloud computing, where the owners and processors of the data usually belong to various control domains and the owners will lost the control to their data once their data migrates to other control domains.…”

Section: Introductionmentioning

confidence: 99%

Protecting Cloud Data Using the Decentralized Information Flow Control with Authorization Condition

Ye¹,

Xu²,

Jiao³

et al. 2015

IJMLC

View full text Add to dashboard Cite

Abstract-In the extremely dynamic cloud computing system, traditional access control technologies provide no autonomic authorization and access control for the users on their data in remote cloud. Once data is migrated to the cloud, the user transfers the control to the providers of the cloud services and cloud hardware. So, whether the data is proper protected will be the users' most primary concerns and major challenges. This paper proposes a new decentralized information flow control model-DIFC-AC and its implementation. It expands the security label of DIFC with authorization condition used to express the control demands of the user, and access to the data is arbitrated based on their labels by intercepting IPC-relevant system calls. Thereby, the controls on the data are reached to the cloud, and sequentially the users' demands on the confidentiality, integrity and controllability of their data are meet.

show abstract

The protection of information in computer systems

Cited by 1,576 publications

References 50 publications

MYSEA: The Monterey Security Architecture

MYSEA: The Monterey Security Architecture

Capability-Based Financial Instruments

Protecting Cloud Data Using the Decentralized Information Flow Control with Authorization Condition

Contact Info

Product

Resources

About