Miró: Visual Specification of Security

Miró is a set of languages and tools that support the visual specification of file system security. Two visual languages are presented: the instance language, which allows specification of file system access, and the constraint language, which allows specification of security policies. Miró visual languages and tools are used to specify security configurations. A visual language is one whose entities are graphical, such as boxes and arrows; specifying means stating, independently of any implementation, the desired properties of a system; and security means file system protection: ensuring that files are protected from unauthorized access and granting privileges to some users, but not others. The tools that have been implemented are described, along with examples of how these languages can be applied to real security specification problems.
