A mandatory access control policy model for information security requirements

被引:0
作者
Leiwo, J [1 ]
Gamage, C [1 ]
Zheng, YL [1 ]
机构
[1] Monash Univ, Peninsula Sch Comp & Informat Technol, Frankston, Vic 3199, Australia
来源
PROCEEDINGS OF THE 21ST AUSTRALASIAN COMPUTER SCIENCE CONFERENCE, ACSC'98 | 1998年 / 20卷 / 01期
关键词
D O I
暂无
中图分类号
TP31 [计算机软件];
学科分类号
081202 ; 0835 ;
摘要
Two basic paradigms towards specification of information security requirements can be taken: continuous specification and early specification of requirements. In models supporting continuous specification and refinement of information security requirements, the development organization is more vulnerable to the tampering with partially specified requirement primitives. This paper proposes a formal model for requirement access control to prevent unauthorized modification of security requirements, that may lead to weak or inconsistent implementation of protection measures.
引用
收藏
页码:527 / 538
页数:12
相关论文
共 50 条
[21]   Virtualization Security Combining Mandatory Access Control and Virtual Machine Introspection [J].
Win, Thu Yein ;
Tianfield, Huaglory ;
Mair, Quentin .
2014 IEEE/ACM 7TH INTERNATIONAL CONFERENCE ON UTILITY AND CLOUD COMPUTING (UCC), 2014, :1004-1009
[22]   A multi-policy model for access control in Cooperative Information Systems [J].
Huin, Leslie ;
Disson, Eric ;
Boulanger, Danielle .
8TH INTERNATIONAL CONFERENCE ON SIGNAL IMAGE TECHNOLOGY & INTERNET BASED SYSTEMS (SITIS 2012), 2012, :996-1001
[23]   Security policy management for systems employing role based access control model [J].
Huang, Chao ;
Sun, Jianling ;
Wang, Xinyu ;
Si, Yuanjie .
Information Technology Journal, 2009, 8 (05) :726-734
[24]   Model Checking Distributed Mandatory Access Control Policies [J].
Alexander, Perry ;
Pike, Lee ;
Loscocco, Peter ;
Coker, George .
ACM TRANSACTIONS ON INFORMATION AND SYSTEM SECURITY, 2015, 18 (02)
[25]   Research on Mandatory Access Control Model for Application System [J].
Xu, Lu ;
Zhang, Hongqi ;
Du, Xuehui ;
Wang, Chao .
NSWCTC 2009: INTERNATIONAL CONFERENCE ON NETWORKS SECURITY, WIRELESS COMMUNICATIONS AND TRUSTED COMPUTING, VOL 2, PROCEEDINGS, 2009, :159-163
[26]   A practical mandatory access control model for XML databases [J].
Zh, Hong ;
Lue, Kevin ;
Jin, Renchao .
INFORMATION SCIENCES, 2009, 179 (08) :1116-1133
[27]   A mandatory access control model with temporal and spatial constraints [J].
Fan, Yan-Fang ;
Cai, Ying ;
Geng, Xiu-Hua .
Beijing Youdian Daxue Xuebao/Journal of Beijing University of Posts and Telecommunications, 2012, 35 (05) :111-114
[28]   A Comparative Analysis of Linux Mandatory Access Control Policy Enforcement Mechanisms [J].
Brimhall, Brennon ;
Garrard, Justin ;
De La Garza, Christopher ;
Coffman, Joel .
PROCEEDINGS OF THE 2023 EUROPEAN WORKSHOP ON SYSTEM SECURITY, EUROSEC 2023, 2023, :1-7
[29]   Mandatory Content Access Control for Privacy Protection in Information Centric Networks [J].
Li, Qi ;
Sandhu, Ravi ;
Zhang, Xinwen ;
Xu, Mingwei .
IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, 2017, 14 (05) :494-506
[30]   Compatible and Usable Mandatory Access Control for Good-enough OS Security [J].
Shan, Zhiyong .
PROCEEDINGS OF THE SECOND INTERNATIONAL SYMPOSIUM ON ELECTRONIC COMMERCE AND SECURITY, VOL I, 2009, :246-250
12345