论文信息 - LOCK trek: navigating uncharted space

LOCK trek: navigating uncharted space

The design principles of the logical coprocessing kernel (LOCK) project are considered. LOCK is an advanced development of hardware-based computer security and cryptographic service modules. Much of the design and some of the implementation specifications are complete. The formal top level specification (FTLS) also is complete and the advanced noninterference proofs are beginning. This hardware-based approach has brought the LOCK project into many uncharted areas in the design, verification, and evaluation of an integrated information security system. System integration currently appears to be the single largest programatic problem. The authors examine two important design areas: design verification and porting Unix System V to a LOCK host. The verification tools seem able to verify design only and not implementation.<<ETX>>

O. Sami Saydjari | J. M. Beckman | J. R. Leaman

[1] Richard Y. Kain,et al. Secure Computing: The Secure Ada Target Approach , 1985 .

[2] John McHugh,et al. An Experience Using Two Covert Channel Analysis Techniques on a Real System Design , 1987, IEEE Trans. Software Eng..

[3] Z. G. Ruthberg,et al. National Computer Security Conference Proceedings (11th): A Postscript: Computer Security--Into the Future, 17-20 October 1988 , 1988 .

[4] J. Thomas Haigh,et al. Extending the Non-Interference Version of MLS for SAT , 1986, IEEE Symposium on Security and Privacy.

[5] Robert S. Fabry,et al. Capability-based addressing , 1974, CACM.

[6] F. T. Grampp,et al. The UNIX system UNIX operating system security , 1984, AT&T Bell Laboratories Technical Journal.

[7] Richard J. Lipton,et al. Social processes and proofs of theorems and programs , 1979, CACM.

[8] Carl E. Landwehr,et al. On Access Checking in Capability-Based Systems , 1986, IEEE Transactions on Software Engineering.

[9] Jerome H. Saltzer,et al. The protection of information in computer systems , 1975, Proc. IEEE.