The Chinese Wall security policy
作者: D.F.C. Brewer , M.J. Nash
DOI: 10.1109/SECPRI.1989.36295
关键词: Security policy 、 Information security 、 Conflict of interest 、 Permission 、 Computer security 、 Corporation 、 Accounting 、 Information system 、 Market analysis 、 Financial services 、 Discretion 、 Chinese wall 、 Computer science
摘要: The authors explore a commercial security policy (the Chinese Wall) which represents the behavior required of those persons who perform corporate analysis for financial institutions. It can be distinguished from Bell-LaPadula-like policies by way that user's permitted accesses are constrained history his previous accesses. is shown formal representation correctly permits market analyst to talk any corporation does not create conflict interest with assignments. Wall combines discretion legally enforceable mandatory controls. in operation many services organizations; conclude it is, therefore, perhaps as significant world Bell-LaPadula's military. >
ieeecomputersociety.org参考文章(4)
J. McLean, The algebra of security ieee symposium on security and privacy. pp. 2- 7 ,(1988) , 10.1109/SECPRI.1988.8092
D. Elliott Bell, Leonard J. La Padula, Secure Computer System: Unified Exposition and Multics Interpretation Defense Technical Information Center. ,(1976) , 10.21236/ADA023588
David D. Clark, David R. Wilson, A Comparison of Commercial and Military Computer Security Policies ieee symposium on security and privacy. pp. 184- 184 ,(1987) , 10.1109/SP.1987.10001
Stuart W Katzke, Zela G Ruthberg, Report of the invitational workshop on integrity policy in computer information systems (WIPCIS) Special Publication (NIST SP) - 500-160. ,(1989) , 10.6028/NIST.SP.500-160