The Enforcement of Security Policies for Computation

Abstract

Security policies define how information within a computer system is to be used. Protection mechanisms are built into these systems to enforce security policies. However, in most systems it is quite unclear what policies a particular mechanism can or does enforce. This paper precisely defines security policies and protection mechanisms in order to bridge the gap between them with the concept of soundness: whether a protection mechanism enforces a specific policy for a given program. Different sound protection mechanisms for the same policy and program can then be compared (on the basis of completeness) to determine if one outperforms the others. The paper demonstrates that a union of mechanisms for the same policy and program can be taken to produce a more complete mechanism. Although a maximal mechanism exists, it cannot necessarily be effectively found. In addition to developing a theoretical framework in which to discuss security, the paper introduces a surveillance protection mechanism and indicates that it is sound and that it is more complete than the commonly used high water mark mechanism.

Document Details

Document Type: Technical Report
Publication Date: May 01, 1975
Accession Number: ADA013114

Entities

People

  • Anita K. Jones
  • Richard J. Lipton

Organizations

  • Carnegie Mellon University

Tags

Communities of Interest

  • Energy and Power Technologies
  • Human Systems

DTIC Thesaurus Topics

  • Acoustic Equipment
  • Acoustic Propagation
  • Compilers
  • Computations
  • Computer Access Control
  • Computer Components
  • Computer Programs
  • Computers
  • Language
  • Magnetic Tape
  • Operating Systems
  • Security
  • Sequences
  • Surveillance
  • Tapes
  • Words (Language)

Fields of Study

  • Computer science

Readers

  • International Relations and European Studies
  • Operations Research
  • Theoretical Analysis

Technology Areas

  • Cyber