论文信息 - An Information Flow Security Model to Trusted Computing System

An Information Flow Security Model to Trusted Computing System

In this paper, we introduce a new information flow model for trusted computing systems.Different from traditional system protection models, such as access control matrix model, this model analyze the information flow in the system by tracing the operation sequences , and explains that the security status of a trusted computing system is the security attributes of information flows from input port to output port.With this model, we discuss the information channels in a trusted computing systems, and propose a "normal information flow theorem" which gives a necessary condition of the existence of normal information flow.

Shen Changxiang | Hu Jun | Shen Changxiang | Hu Jun

[1] B. Lampson,et al. Protection 1 , 2022 .

[2] Jennifer Widom,et al. Memory-Limited Execution of Windowed Stream Joins , 2004, VLDB.

[3] J. Meseguer,et al. Security Policies and Security Models , 1982, 1982 IEEE Symposium on Security and Privacy.

[4] Richard A. Kemmerer,et al. Shared resource matrix methodology: an approach to identifying storage and timing channels , 1983, TOCS.

[5] Ravi S. Sandhu,et al. The schematic protection model: its definition and analysis for acyclic attenuating schemes , 1988, JACM.

[6] John McLean,et al. Proving Noninterference and Functional Correctness Using Traces , 1992, J. Comput. Secur..

[7] Peter J. Denning,et al. Protection: principles and practice , 1972, AFIPS '72 (Spring).

[8] Peter J. Denning,et al. Third Generation Computer Systems , 1971, CSUR.

[9] Lawrence Snyder. On the synthesis and analysis of protection systems , 1977, SOSP '77.

[10] Matt Bishop,et al. Computer Security: Art and Science , 2002 .

[11] Butler W. Lampson,et al. A note on the confinement problem , 1973, CACM.

[12] Rajeev Motwani,et al. On random sampling over joins , 1999, SIGMOD '99.

[13] John McLean,et al. Security models and information flow , 1990, Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy.