A multilevel security model for a distributed object-oriented system

Distributed systems are vulnerable to a number of security attacks. The authors look at the security problems of object-based distributed systems, and propose a model based on labelling for multilevel security. The purpose of this model is to preserve the information flow security in a distributed object-oriented system. The authors consider the basic concepts of the object paradigm, and also the security threats to such systems. They postulate various modelling possibilities, and produce a specific set of security properties which describe a multilevel secure object model. This particular model should not be considered as a panacea, but rather should demonstrate how the various modelling decisions are reflected in an actual model.<<ETX>>

[1]  Teresa F. Lunt,et al.  Multilevel Security for Object-Oriented Database Systems , 1989, Database Security.

[2]  James G. Mitchell,et al.  A comparison of two network-based file servers , 1981, SOSP.

[3]  Paul J. Leach,et al.  The Architecture of an Integrated Local Network , 1983, IEEE J. Sel. Areas Commun..

[4]  D. Elliott Bell,et al.  Secure Computer System: Unified Exposition and Multics Interpretation , 1976 .

[5]  P. America,et al.  A behavioural approach to subtyping in object-oriented programming languages , 1991 .

[6]  James G. Mitchell,et al.  A comparison of two network-based file servers , 1982, CACM.

[7]  Klaus R. Dittrich,et al.  Discretionary Access Control in Structurally Object-Oriented Database Systems , 1988, DBSec.

[8]  William R. Cook,et al.  Inheritance is not subtyping , 1989, POPL '90.

[9]  Bhavani M. Thuraisingham,et al.  SODA: A secure object-oriented database system , 1989, Comput. Secur..

[10]  George Coulouris,et al.  Distributed systems - concepts and design , 1988 .

[11]  David Robson,et al.  Smalltalk-80: The Language and Its Implementation , 1983 .

[12]  A. J. Herbert The Cambridge Distributed Computing System , 1983, Advanced Course: Local Area Networks.

[13]  Dorothy E. Denning,et al.  Cryptography and Data Security , 1982 .

[14]  簡聰富,et al.  物件導向軟體之架構(Object-Oriented Software Construction)探討 , 1989 .

[15]  Daniel G. Bobrow,et al.  Object-Oriented Programming: Themes and Variations , 1989, AI Mag..