AS NETWORK MODEL APPLIED TO A SINGLE-MACHINE SECURE SYSTEM

Authors
  1. Thomson, B.
  2. Lee, E.S.
  3. Boulton, P.I.P.
  4. Stumm, M.
  5. Lewis, D.M.
Corporate Authors
Toronto Univ, Toronto ONT (CAN) Computer Systems Research Inst; Chief of Research and Development, Ottawa ONT (CAN)
Abstract
Trustworthy single-machine systems are required to have a trusted computing base (TCB) that has the responsibility of enforcing the dictates of the security policy. A security model of a single-machine system represents the constraints imposed by the TCB on the untrusted components of the system. The purpose of the modelling is to show that these constraints are sufficient to prevent policy violations. A TCB provides the (untrusted) rest of the operating system with a (trusted) functionality. It is composed of a collection of mechanisms that collectively provide this functionality. The most apparent functions from the confidentiality viewpoint are those that deal with the file system. Many of the dictates of the security policy deal with the access by active subjects to passive objects. The network model that we developed for the TNA study has several features that make its application to a single-machine system interesting.
Date of publication
15 Nov 1988
Number of Pages
40
DSTKIM No
90-01125
CANDIS No
63396
Format(s):
Hardcopy; Originator's fiche received by DSIS
