Reasoning About Security Models

Abstract

A method for evaluating security models is developed and applied to the model of Bell and LaPadula. The method shows the inadequacy of the Bell and LaPadula model, in particular,and the impossibility of any adequate definition of a secure system based solely on the notion of a secure state. The implications for the fruitfulness of seeking a global definition of a secure system and for the state of foundational research in computer security, in general, is discussed.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Jan 01, 1987
Accession Number
ADA465058

Entities

People

  • John A. McLean

Organizations

  • United States Naval Research Laboratory

Tags

Communities of Interest

  • Cyber
  • Materials and Manufacturing Processes

DTIC Thesaurus Topics

  • Abstracts
  • Applied Computer Science
  • Classification
  • Communities
  • Computer Science
  • Computers
  • Cybersecurity
  • Environment
  • Guarantees
  • Information Operations
  • Information Systems
  • Military Research
  • Security
  • Transitions
  • Trojan Horse

Fields of Study

  • Computer science

Readers

  • Ballistic Missile Meteorology
  • Strategic Security Studies
  • Theoretical Analysis.

Technology Areas

  • Cyber