INFERENCE THROUGH SECONDARY PATH-ANALYSIS

被引:0
作者
BINNS, LJ [1 ]
机构
[1] US DEPT DEF,OFF INFOSEC COMP SCI,FT GEORGE G MEADE,MD 20755
来源
IFIP TRANSACTIONS A-COMPUTER SCIENCE AND TECHNOLOGY | 1993年 / 21卷
关键词
D O I
暂无
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Inference, the ability to deduce classified information from unclassified information1, is a leading security issue in the field of Multilevel Secure Database Management Systems (MLS DBMSs). Trusted systems are designed to prevent an unauthorized flow of data. However, inference techniques gather unauthorized information in a seemingly proper manner. Standard models for controlling information flow (i.e.: Bell-LAPadula) cannot detect unauthorized access gained by utilizing inference techniques. This paper addresses a specific class of inference attack: inference through secondary path analysis. This method of inference attack is characterized as one which seeks out alternative paths between two attributes whose primary path is classified. Our goal is to formally define this type of attack as a preamble to its solution.
引用
收藏
页码:195 / 209
页数:15
相关论文
共 13 条
[1]  
BINNS LJ, 1992, 6TH P IFIP WG 11 3 W
[2]  
BINNS LJ, 1991, 4TH P RADC DAT SEC W
[3]  
GARVEY T, 1992, 6TH P IFIP WG 11 3 W
[4]  
GARVEY TD, 1991, 5TH P IFIP WG 11 3 W
[5]  
GARVEY TD, 1991, 4TH P WORKSH F COMP
[6]  
HINKE T, 1990, DATABASE SECURITY, V3
[7]  
HINKE TH, 1988, 1988 P IEEE S SEC PR
[8]  
HINKE TH, 1992, 6TH P IFIP WG 11 3 W
[9]  
LIN TY, 1991, 4TH P RADC DAT SEC W
[10]  
LIN TY, 1989, 1989 P IEEE S SEC PR
12