Mechanism Sufficiency Validation by Assignment
暂无分享,去创建一个
This paper introduces a mathematical framework for evaluating the relationship between policies and mechanisms. An evaluation approach called the assigmnent technique is defined. This technique consists of establishing an assignment between the security classes of information established by policy constraints, and the protection domains, established by the properties of the mechanism. The assignment technique provides a theoretical foundation for assessing the sufficiency of an access control mechanism with respect to a well formed protection policy. Although this paper presents preliminary results of research, the propsed framework suggests a promising new approach for evaluating the protection mechanisms of existing and proposed systems.
[1] Dorothy E. Denning,et al. A lattice model of secure information flow , 1976, CACM.
[2] Dorothy E. Denning,et al. Secure information flow in computer systems. , 1975 .
[3] Michael J Grohn,et al. A Model of a Protected Data Management System. , 1976 .
[4] Michael D. Schroeder,et al. Cooperation of mutually suspicious subsystems in a computer utility , 1972 .
[5] Lawrence Robinson,et al. A Provably Secure Operating System. , 1975 .