Lattice-based enforcement of Chinese Walls
作者: Ravi S. Sandhu
DOI: 10.1016/0167-4048(92)90131-A
关键词:
摘要: The Chinese Wall policy was identified and so named by Brewer Nash. This arises in the financial segment of commercial sector, which provides consulting services to other companies. Consultants naturally have deal with confidential company information for their clients. objective is prevent flows cause conflict interest individual consultants. Nash develop a mathematical model policy, on basis they claim that this ''cannot be correctly represented Bell-LaPadula model.'' In paper we demonstrate Brewer-Nash too restrictive employed practical system. due treatment users subjects as synonymous concepts, consequence do not distinguish security applied human versus computer subjects. By maintaining careful distinction between users, principals subjects, show just another lattice-based can easily within framework.
acm.org
elsevier.com
sci-hub.se 参考文章(5)
D. Elliott Bell, Leonard J. La Padula, Secure Computer System: Unified Exposition and Multics Interpretation Defense Technical Information Center. ,(1976) , 10.21236/ADA023588
John McLean, A comment on the `basic security theorem' of Bell and LaPadula Information Processing Letters. ,vol. 20, pp. 67- 70 ,(1985) , 10.1016/0020-0190(85)90065-1
Dorothy E. Denning, A lattice model of secure information flow Communications of the ACM. ,vol. 19, pp. 236- 243 ,(1976) , 10.1145/360051.360056
J.H. Saltzer, M.D. Schroeder, The protection of information in computer systems Proceedings of the IEEE. ,vol. 63, pp. 1278- 1308 ,(1975) , 10.1109/PROC.1975.9939
D.F.C. Brewer, M.J. Nash, The Chinese Wall security policy ieee symposium on security and privacy. pp. 206- 214 ,(1989) , 10.1109/SECPRI.1989.36295