Process execution controls as a mechanism to ensure consistency

A mechanism for ensuring that the changes to a system and its data occur in a consistent manner is presented. The mechanism, process execution controls, imposes restrictions on the method of access to the data, unlike access controls which impose restrictions upon which users can access the data. This mechanism imposes another layer to the currently existing access control restrictions, but one that is, for the most part, transparent to the user. Although transparent, the system offers the capability of containing viruses within a given domain. The author presents two methods of implementation; extending current access control lists and implementing complementary execution control lists.<<ETX>>

[1]  Theodore M. P. Lee,et al.  Using mandatory integrity to enforce 'commercial' security , 1988, Proceedings. 1988 IEEE Symposium on Security and Privacy.

[2]  R. Sandhu TERMINOLOGY, CRITERIA AND SYSTEM ARCHITECTURES FOR DATA INTEGRITY , 1989 .

[3]  R. R. Jueneman Integrity controls for military and commercial applications , 1988, [Proceedings 1988] Fourth Aerospace Computer Security Applications.

[4]  Ravi Sandhu,et al.  Transaction control expressions for separation of duties , 1988, [Proceedings 1988] Fourth Aerospace Computer Security Applications.

[5]  David D. Clark,et al.  A Comparison of Commercial and Military Computer Security Policies , 1987, 1987 IEEE Symposium on Security and Privacy.

[6]  Ken Thompson,et al.  Reflections on trusting trust , 1984, CACM.

[7]  Fred Cohen,et al.  Computer viruses—theory and experiments , 1990 .