论文信息 - Towards a theory of penetration-resistant systems and its applications

Towards a theory of penetration-resistant systems and its applications

A theoretical foundation for penetration analysis of computer systems is presented, which is based on a set of formalized design properties that characterize resistance to penetration. By separating the policy-enforcement mechanisms of a system from the mechanisms necessary to protect the system itself, and by using a unified framework for representing a large set of penetration scenarios, the authors develop an extensible model for penetration analysis. Furthermore, they illustrate how the model is used to implement automated tools for penetration analysis. The theory, model, and tools only address system-penetration patterns caused by unprivileged users' code interactions with a system.<<ETX>>

Virgil D. Gligor | Sarbari Gupta

[1] D. Fishman,et al. A penetration analysis of the Michigan Terminal System , 1980, OPSR.

[2] Richard R. Linde,et al. Operating system penetration , 1975, AFIPS '75.

[3] Dennis Hollingworth,et al. Security Test and Evaluation Tools: An Approach to Operating System Security Analysis, , 1974 .

[4] Jim Carlstedt. Protection Errors in Operating Systems: Validation of Critical Conditions , 1976 .

[5] A. L. Wilkinson,et al. A penetration analysis of a Burroughs Large System , 1981, OPSR.

[6] William S. McPhee. Operating System Integrity in OS/VS2 , 1974, IBM Syst. J..

[7] Jonathan K. Millen. Kernel Isolation for the PDP-11/70 , 1982, 1982 IEEE Symposium on Security and Privacy.

[8] C. Richard Attanasio,et al. Penetrating an Operating System: A Study of VM/370 Integrity , 1976, IBM Syst. J..

[9] Virgil D. Gligor,et al. On the Identification of Covert Storage Channels in Secure Systems , 1990, IEEE Trans. Software Eng..

[10] R. Stockton Gaines,et al. Some security principles and their application to computer security , 1978, OPSR.

[11] Virgil D. Gllgor. On denial-of-service in computer networks , 1986, 1986 IEEE Second International Conference on Data Engineering.

[12] Jingsha He,et al. Information-flow analysis for covert-channel identification in multilevel secure operating systems , 1990, [1990] Proceedings. The Computer Security Foundations Workshop III.