Information Tools for Security Protection

Abstract

This report describes the three tools built for the Information Security Tools project. Each of these tools provides a way of helping a user uncover potential security problems arising from the composition of parts of a system. The intent of this work was to provide tools usable by trained, but not necessarily expert, security personnel. The System Security Analysis Tool helps a user to model and analyze the security of systems. It provides a way to combine a security analysis of a generic architecture with the specific requirements of a particular system. The Application System Call Analysis Tool is used to identify a trusted application's system calls, and display potential problems or limitations associated with those calls. It is intended for use with an HP-CMW. The Application Installation Analysis Tool is used to check the access-control policy of a trusted application on an HP-CMW using a vendor's abstract policy, installation parameters, and the current state of the system. It provides a way of identifying differences between the way an access control policy is implemented and the vendor's policy.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Nov 01, 2002
Accession Number
ADA408503

Entities

People

  • Cheryl Barbasch
  • David M. Rosenthal
  • Peter Samsel

Tags

Communities of Interest

  • Human Systems

DTIC Thesaurus Topics

  • Abstracts
  • Air Force
  • Air Force Research Laboratories
  • Classification
  • Computer Access Control
  • Engineers
  • Information Operations
  • Information Security
  • Military Research
  • New York
  • Security
  • Security Personnel
  • Standards

Fields of Study

  • Computer science
  • Engineering

Readers

  • Cybersecurity.
  • Database Systems and Applications
  • Systems Analysis and Design