Security models and information flow Export

@proceedings{citeulike:2622633, abstract = {A theory of information flow is developed that differs from that of nondeducibility, which is seen to be a theory of information sharing. The theory is used to develop a flow-based security model (FM) and to show that the proper treatment of security-relevant causal factors in such a framework is very tricky. Using FM as a standard for comparison, an examination is made of interference, generalized noninterference, and extensions to noninterference designed to protect high-level output, and it is seen that the proper treatment of causal factors in such models requires programs to be considered as explicit input to systems. This gives a new perspective on security levels. The model of D.E. Bell and L.J. LaPadula (1973), on the other hand, more successfully models security-relevant causal information, although this success is bought at the expense of the model being vague about its primitives. This vagueness is examined with respect to the claim that the Bell-LaPadula model and noninterference are equivalent}, author = {Mclean, J.}, booktitle = {Research in Security and Privacy, 1990. Proceedings., 1990 IEEE Computer Society Symposium on}, citeulike-article-id = {2622633}, citeulike-linkout-0 = {http://dx.doi.org/10.1109/RISP.1990.63849}, citeulike-linkout-1 = {http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=63849}, doi = {10.1109/RISP.1990.63849}, journal = {Research in Security and Privacy, 1990. Proceedings., 1990 IEEE Computer Society Symposium on}, keywords = {bell\_lapadula\_model, causal\_factors, information\_flow, interference, primitives, security\_models, theory\_of\_information, vagueness}, pages = {180--187}, posted-at = {2009-10-23 11:27:18}, priority = {2}, title = {Security models and information flow}, url = {http://dx.doi.org/10.1109/RISP.1990.63849}, year = {1990} }

TY - CONF ID - citeulike:2622633 L3 - citeulike-article-id:2622633 N2 - A theory of information flow is developed that differs from that of nondeducibility, which is seen to be a theory of information sharing. The theory is used to develop a flow-based security model (FM) and to show that the proper treatment of security-relevant causal factors in such a framework is very tricky. Using FM as a standard for comparison, an examination is made of interference, generalized noninterference, and extensions to noninterference designed to protect high-level output, and it is seen that the proper treatment of causal factors in such models requires programs to be considered as explicit input to systems. This gives a new perspective on security levels. The model of D.E. Bell and L.J. LaPadula (1973), on the other hand, more successfully models security-relevant causal information, although this success is bought at the expense of the model being vague about its primitives. This vagueness is examined with respect to the claim that the Bell-LaPadula model and noninterference are equivalent JF - Research in Security and Privacy, 1990. Proceedings., 1990 IEEE Computer Society Symposium on EP - 187 TI - Security models and information flow T2 - Research in Security and Privacy, 1990. Proceedings., 1990 IEEE Computer Society Symposium on SP - 180 KW - bell_lapadula_model KW - causal_factors KW - information_flow KW - interference KW - primitives KW - security_models KW - theory_of_information KW - vagueness AU - Mclean, J PY - 1990/// UR - http://dx.doi.org/10.1109/RISP.1990.63849 ER -