Integrity Considerations for Secure Computer Systems
作者: K. J. Biba
DOI:
关键词:
摘要: Abstract : An integrity policy defines formal access constraints which, if effectively enforced, protect data from improper modification. The author identifies the problems posed by a secure military computer utility. Integrity policies addressing these are developed and their effectiveness evaluated. A prototype utility, Multics, is then used as testbed for application of controls.
参考文章(11)
James P. Anderson, Computer Security Technology Planning Study ,(1972)
Gerald J Popek, Roger R Schell, Peter J Downey, Preliminary Notes on the Design of Secure Military Computer Systems. ,(1973)
F T Bradshaw, S R Ames, K G Walter, W F Ogden, W C Rounds, Primitive Models for Computer Security ,(1974)
D. E. Bell, E. L. Burke, A Software Validation Technique for Certification: The Methodology ,(1975)
Michael A. Harrison, Walter L. Ruzzo, Jeffrey D. Ullman, On protection in operating systems ACM SIGOPS Operating Systems Review. ,vol. 9, pp. 14- 24 ,(1975) , 10.1145/1067629.806517
D. Elliott Bell, Leonard J. La Padula, Secure Computer System: Unified Exposition and Multics Interpretation Defense Technical Information Center. ,(1976) , 10.21236/ADA023588
Jonathan K. Millen, Security Kernel validation in practice Communications of the ACM. ,vol. 19, pp. 243- 250 ,(1976) , 10.1145/360051.360059
Michael D. Schroeder, Jerome H. Saltzer, A hardware architecture for implementing protection rings Communications of the ACM. ,vol. 15, pp. 157- 170 ,(1972) , 10.1145/361268.361275
Elliott I. Organick, The multics system: an examination of its structure MIT Press. ,(1972)
C. Weissman, Security controls in the ADEPT-50 time-sharing system Proceedings of the November 18-20, 1969, fall joint computer conference on - AFIPS '69 (Fall). pp. 119- 133 ,(1969) , 10.1145/1478559.1478574