The Inevitability of Failure: The Flawed Assumption of Security in Modern Computing Environments
作者: John F. Farrell , S. Jeff Turner , Peter A. Loscocco , Ruth C. Taylor , Stephen D. Smalley
DOI:
关键词:
摘要: Although public awareness of the need for secu rity in computing systems is growing rapidly, current efforts to provide security are unlikely succeed. Current suffer from flawed assumption that adequate can be provided applications with existing mechanisms mainstream operating systems. In reality, secure today’s com puting environment due substantial increases connectivity and data sharing. The goal this paper motivate a renewed interest so future may build on solid foundation. This identifies several system features which lacking systems, argues these necessary adequately protect general applica tion-space mechanisms, provides con crete examples how solutions critically dependent features.
参考文章(39)
Wietse Venema, Murphy's law and computer security usenix security symposium. pp. 19- 19 ,(1996)
Spencer E. Minear, Providing policy control over object operations in a mach based system usenix security symposium. pp. 13- 13 ,(1995)
Roland J. Schemers, Mike Eisler, Raj Srinivasan, Security mechanism independence in ONC RPC usenix security symposium. pp. 6- 6 ,(1996)
Don Davis, Kerberos plus RSA for world wide web security WOEC'95 Proceedings of the 1st conference on USENIX Workshop on Electronic Commerce - Volume 1. pp. 16- 16 ,(1995)
Bruce Schneier, David Wagner, Analysis of the SSL 3.0 protocol WOEC'96 Proceedings of the 2nd conference on Proceedings of the Second USENIX Workshop on Electronic Commerce - Volume 2. pp. 4- 4 ,(1996)
James P. Anderson, Computer Security Technology Planning Study ,(1972)
Mark D. Ladue, WHEN JAVA WAS ONE: THREATS FROM HOSTILE BYTE CODE ,(1997)
Elizabeth D. Zwicky, D. Brent Chapman, Deborah Russell, Building Internet Firewalls ,(1995)
Alma Whitten, J. D. Tygar, WWW electronic commerce and java trojan horses WOEC'96 Proceedings of the 2nd conference on Proceedings of the Second USENIX Workshop on Electronic Commerce - Volume 2. pp. 15- 15 ,(1996)
W.E. Boebert, R.Y. Kain, A further note on the confinement problem international carnahan conference on security technology. pp. 198- 202 ,(1996) , 10.1109/CCST.1996.551864