Limiting the Damage Potential of Discretionary Trojan Horses
作者: Paul A. Karger
关键词:
摘要: Many discretionary Trojan Horse attacks can be defeated by a table-driven file name translation mechanism that has knowledge of the normal patterns use computer system. File is built into protected subsystem, and human user queried about possible violations access control policies. The technique most effective against unauthorized tampering or sabotage used in conjunction with non-discretionary security controls.
ieeecomputersociety.org参考文章(9)
Howard Ewing Sturgis, A POSTMORTEM FOR A TIME SHARING SYSTEM ,(1974)
M. V. Wilkes, R. M. Needham, The Cambridge CAP computer and its operating system ,(1979)
William Allan Wulf, Samuel P. Harbison, Roy Levin, HYDRA/C.mmp, an experimental computer system ,(1981)
Philip Alan Myers, Subversion : the neglected aspect of computer security. Naval Postgraduate School (U.S.). ,(1980)
D Elliott Bell, Secure Computer Systems: A Refinement of the Mathematical Model ,(1974)
Michael A. Harrison, Walter L. Ruzzo, Jeffrey D. Ullman, Protection in operating systems Communications of The ACM. ,vol. 19, pp. 461- 471 ,(1976) , 10.1145/360303.360333
Deborah D. Downs, Jerzy R. Rub, Kenneth C. Kung, Carole S. Jordan, Issues in Discretionary Access Control ieee symposium on security and privacy. pp. 208- 208 ,(1985) , 10.1109/SP.1985.10014
J.H. Saltzer, M.D. Schroeder, The protection of information in computer systems Proceedings of the IEEE. ,vol. 63, pp. 1278- 1308 ,(1975) , 10.1109/PROC.1975.9939
V.D. Gligor, E.L. Burch, G.S. Chandersekaran, R.S. Chapman, L.J. Dotterer, M.S. Hecht, W.D. Jiang, G.L. Luckenbaugh, N. Vasudevan, On the Design and the Implementation of Secure Xenix Workstations ieee symposium on security and privacy. pp. 102- 102 ,(1986) , 10.1109/SP.1986.10016