A mandatory access control policy model for information security requirements

被引：0

作者：

Leiwo, J ^{[1
]}

Gamage, C ^{[1
]}

Zheng, YL ^{[1
]}

机构：

[1] Monash Univ, Peninsula Sch Comp & Informat Technol, Frankston, Vic 3199, Australia

来源：

PROCEEDINGS OF THE 21ST AUSTRALASIAN COMPUTER SCIENCE CONFERENCE, ACSC'98 | 1998年 / 20卷 / 01期

关键词：

D O I：

暂无

中图分类号：

TP31 [计算机软件];

学科分类号：

081202 ; 0835 ;

摘要：

Two basic paradigms towards specification of information security requirements can be taken: continuous specification and early specification of requirements. In models supporting continuous specification and refinement of information security requirements, the development organization is more vulnerable to the tampering with partially specified requirement primitives. This paper proposes a formal model for requirement access control to prevent unauthorized modification of security requirements, that may lead to weak or inconsistent implementation of protection measures.

引用

页码：527 / 538

页数：12

共 50 条

[31] Access Control and Security Properties Requirements Specification for Clouds' SecLAs [J].

Guesmi, Asma ;

Clemente, Patrice .

2013 IEEE FIFTH INTERNATIONAL CONFERENCE ON CLOUD COMPUTING TECHNOLOGY AND SCIENCE (CLOUDCOM), VOL 1, 2013, :723-729

[32] Security protection scheme using mobile trusted module and mandatory access control [J].

Li T. ;

Hu A. .

Dongnan Daxue Xuebao (Ziran Kexue Ban)/Journal of Southeast University (Natural Science Edition), 2011, 41 (03) :513-517

[33] Using Petri nets to verify access policies in mandatory access control model [J].

Jiang, YX ;

Lin, C ;

Chen, Z ;

Yin, H .

PROCEEDINGS OF THE 2004 IEEE INTERNATIONAL CONFERENCE ON INFORMATION REUSE AND INTEGRATION (IRI-2004), 2004, :271-276

[34] A Policy Model and Framework for Context-Aware Access Control to Information Resources [J].

Kayes, A. S. M. ;

Han, Jun ;

Rahayu, Wenny ;

Dillon, Tharam ;

Islam, Md. Saiful ;

Colman, Alan .

COMPUTER JOURNAL, 2019, 62 (05) :670-705

[35] Access Control and Information Flow Control for Web Services Security [J].

Kedjar, Saadia ;

Tari, Abdelkamel ;

Bertok, Peter .

INTERNATIONAL JOURNAL OF INFORMATION TECHNOLOGY AND WEB ENGINEERING, 2016, 11 (01) :44-76

[36] Ontology-based access control model for security policy reasoning in cloud computing [J].

Choi, Chang ;

Choi, Junho ;

Kim, Pankoo .

JOURNAL OF SUPERCOMPUTING, 2014, 67 (03) :711-722

[37] Ontology-based access control model for security policy reasoning in cloud computing [J].

Chang Choi ;

Junho Choi ;

Pankoo Kim .

The Journal of Supercomputing, 2014, 67 :711-722

[38] Mandatory Standards and Organizational Information Security [J].

Lee, Chul Ho ;

Geng, Xianjun ;

Raghunathan, Srinivasan .

INFORMATION SYSTEMS RESEARCH, 2016, 27 (01) :70-86

[39] Towards a location-based mandatory access control model [J].

Ray, I ;

Kumar, M .

COMPUTERS & SECURITY, 2006, 25 (01) :36-44

[40] CAMAC: A Context-A ware Mandatory Access Control Model [J].

Jafarian, Jafar Haadi ;

Amini, Morteza .

ISECURE-ISC INTERNATIONAL JOURNAL OF INFORMATION SECURITY, 2009, 1 (01) :35-54

← 1 2 3 4 5 →