Where results make sense

About us   |   Why use us?   |   Reviews   |   PR   |   Contact us

Topic: Computer security model

    Note: these results are not from the primary (high quality) database.

Java Security Architecture: - The original security model provided by the Java platform is known as the sandbox model, which existed in order to provide a very restricted environment in which to run untrusted code obtained from the open network. However, such programming is extremely security-sensitive and requires sophisticated skills and in-depth knowledge of computer security. The essence of the sandbox model is that local code is trusted to have full access to vital system resources (such as the file system) while downloaded remote code (an applet) is not trusted and can access only the limited resources provided inside the sandbox. java.sun.com /j2se/1.4.2/docs/guide/security/spec/security-spec.doc1.html   (832 words)

UVa Security Group Bibliography Goguen, J. A., Meseguer, J. "Security Policies and Security Models", Proceedings 1982 IEEE Symposium of Security and Privacy, April 1982, pp. Heintze, Nevin, and Tygar, J.D., "A Model for Secure Protocols and Their Compositions", in Proceedings of the 1994 IEEE Symposium on Research in Security and Privacy, pp. Kak, S.C., "Data Security in Computer Networks", IEEE Computer Magazine, February 1983, pp 8-10. www.cs.virginia.edu /~dmk8r/Legion/SecurityBibliography.html   (832 words)

Security Policy This powerpoint presentation contain information on the history of computer security and several models of security. Security Models, Emm Gun Sirer; This is a nice Power point presentation of security models and how they relate to integrity and confidentiality policies. This is a short description of a broad definition of computer security including a definition for the integrity of a system among other computer security issues. csc.colstate.edu /summers/e-library/policy.html   (832 words)

encyclopedia.html Mathematical models of viral spread have been investigated by a number of researchers, and we now have a reasonable means of predicting the spread of typical viruses given an accurate enough characterization of a system and no defense in place [65][66]. These models tend to provide insight into managing the virus problem rather than as technical defense mechanisms, and are therefore most advantageous to high level decision makers. In most of these systems, the user with the lowest security clearance is the greatest threat from the standpoint of viral attack, because higher security level users can run programs written at the lowest security level, and thus become infected [1,13]. www.all.net /books/integ/encyclopedia.html   (832 words)

A Security Model For Military Message Systems - Landwehr (ResearchIndex) Security models are used to define the concept of security embodied by a computer system.... A goal of current research in computer security is to facilitate the construction of multilevel secure systems, systems that protect information of different classifications from users with different clearances. This paper introduces a security model for a family of military message systems. citeseer.lcs.mit.edu /landwehr84security.html   (832 words)

Multics Bibliography Though the criteria are intended to be application-independent, the specific security feature requirements may have to be interpreted when applying the criteria to specific systems with their own functional requirements, applications or special environments (e.g., communications processors, process control computers, and embedded systems in general). The results of a 1973 security study of the Multics Computer System are presented detailing requirements for a new access control mechanism that would allow two levels of classified data to be used simultaneously on a single Multics system. The effort initially produced a mathematical framework and a model [1, 2] and subsequently developed refinements and extensions to the model [3] which reflected a computer system architecture similar to that of Multics [4]. www.multicians.org /biblio.html   (832 words)

IEEE Transactions on Software Engineering,August 2000 (Vol. 26, No. 8) [2] D.E. Bell, "Concerning 'Modelling' of Computer Security," IEEE Computer Society Symp. The security model consists of a system model given as a state transition automaton on infinite structures and the formalization of security objectives by means of properties of automaton behaviors. Novel aspects of the model are the need for defining integrity and confidentiality objectives on the hardware level without the operating system or application specification and security policy being given, and the utilization of an abstract function and data space. doi.ieeecomputersociety.org /10.1109/32.879809   (832 words)

Security Certification Originally published in the 1984 ACM Transactions on Computer Systems, this paper was republished in 2001 as a "classic paper" in computer security. Security management entails the identification of an organization's information assets and the development, documentation, and implementation of policies, standards, procedures, and guidelines. The mission of the Security Management Program in the Office of Science is to assure the adequate protection of information and assets while maintaining the openness and integrity that is necessary to foster the advancement of basic science and technological innovation. www.softpanorama.org /Security/Certifications/cissp_certification.shtml   (832 words)

Lycos search: face. facial. animation. For the computer to solve this image analysis problem, it must have some kind of model of the objects that are to be analyzed. Instead of coding these object models by hand, we want the computer to ``learn'' its own models given a set of example images of each object. We also have tested a general fuzzy logical model of perception in a variety of domains, including perception and understanding of language, memory, object, shape and depth perception, learning, and decision making. www.cs.ubc.ca /spider/forsey/facial.html   (832 words)

Wittys.Com Security Links SecurityStats.com Great source of computer security related statistics, as well as awareness tools like a password strength meter, and several others. Discusses information flow policies, security labels, and the Bell LaPadula and Biba security models. AntiCode - Exploits Sorted By OS - Computer Security - Hacking and Hackers www.wittys.com /links.html   (832 words)

Information Security Technical Glossary Formal-state transition model of computer security policy that describes a formal set of access controls based on information sensitivity and subject authorisations. The HSM is a tamper resistant, hardware security module that connects as a peripheral to a host computer. A security protocol based on public-key cryptography that is used to establish security contexts and encrypting keys between a pair of hosts on the Internet. homepage.ntlworld.com /alan.fraser2/Glossary2.htm   (2642 words)

REVIEW: "The Information Security Dictionary", Urs E. Gattiker The definition for the Bell-La Padula security model doesn't provide any details of the pattern itself, does not mention confidentiality (a central concept), and does not refer to the Trusted Computer System Evaluation Criteria and other outcomes of the paradigm. Web Server Talk > Server Security > Computer Security > REVIEW: "The Information Security Dictionary", Urs E. Gattiker The Biba integrity model is listed as "Bibra." Patent mentions the ability of the patent holder to restrict use, but doesn't mention that patent is only applicable to devices and that the device must be novel, useful, and non-obvious. www.webservertalk.com /message955943.html   (1920 words)

Sandbox - Wikipedia, the free encyclopedia Sandbox (computer security), a container in which untrusted programs can be safely run. In military education and training, a sandbox is a box of sand used in conjunction with models to model terrain and demonstrate tactics that may be applicable in the field. Sandbox (railways), used to improve traction on railways. en.wikipedia.org /wiki/Sandbox   (324 words)

Understanding the keys to Java security -- the sandbox and authentication Whenever a security hole is discovered, the story blasts into the computer news (and sometimes the business news) very quickly. The Byte Code Verifier is the first prong of the Java security model. The Security Manager is given a chance to veto the operation by generating a Security Exception (the bane of Java developers everywhere). www.javaworld.com /javaworld/jw-05-1997/jw-05-security.html   (1477 words)

Biba model - Wikipedia, the free encyclopedia The Biba Model is a formal state transition system of computer security policy that describes a set of access control rules designed to ensure that data is not contaminated. This security model is directed toward data integrity (rather than security) and is characterized by the phrase: "no write up, no read down". With Biba, users can only create content at or below their own security level (a monk may write a prayer book that can be read by commoners, but a high priest would not be allowed to view the work of the (presumably) less pious monk). en.wikipedia.org /wiki/Biba_model   (1477 words)

Computer Security Weekly, September 13, 1999 Java security is rather complex, but for most people the important aspect is the applet model that makes network based programs run in a security "sandbox." Microsoft, of course, already has its own problems with Java, but now they've got one more. Computer Security - Computer Security Weekly, September 13, 1999 - http://www.suite101.com/article.cfm/3543/25259 This means that AOL can send short programs to your computer, and they get executed. www.suite101.com /article.cfm/3543/25259   (417 words)

Sandbox Project, Due 04/04/2005 The sandbox security model provides a tightly-controlled set of resources for foreign programs to run in, such as a small "scratch-space" on the disk and a section of memory to carry out instructions. In computer security, a sandbox is a safe place for running semi-trusted programs or scripts, often originating from a third party. In other words, chroot creates an environment in which the actions of an untrusting process are restricted according to a security policy. web.syr.edu /~rwang01/cse785/sandbox.html   (576 words)

ITworld.com - Linux security basics Computer security professionals say users and administrators should develop a threat model, which states what you're trying to protect from whom. Computer security requires lots of plodding, methodical examination of details that will hopefully result in boring and predictable computers. I think driving is an excellent metaphor for computer security, on a number of levels: Some people think driving is enjoyable and exciting, but some think it is dangerous and scary. www.itworld.com /Man/3872/lw-01-security   (1981 words)

Computer security week 7 Model: a security model is an appraisal of what security means, what it should cover, what methods we should provide/use to achieve security. A model is a framework for understanding and solving the problem of security for a particular purpose. Think of every model as a computer program and we see that we need a high level part, formed from general subroutines in order to understand the structure of the problem. www.iwar.org.uk /comsec/resources/security-lecture/showb1a7.html   (1981 words)

Verification of a Formal Security Model for Multiapplicative Smart Cards The model extends the classical security models of Bell/LaPadula and Biba, but avoids the need for trusted processes, which are not subject to the security policy by incorporating such processes directly in the model itself. The model formalizes the main security aspects of secrecy, integrity, secure communication between applications and secure downloading of new applications. The model satisfies a security policy consisting of authentication and intransitive noninterference. www.laas.fr /~esorics/notices/SRSKAT2000.html   (1981 words)

HUT - TML - Tik-110.401 Fundamentals of Computer Security (2-3 cr), Home Assignments 2000 HUT - TML - Tik-110.401 Fundamentals of Computer Security (2-3 cr), Home Assignments 2000 b) Based on the Anderson article "Liability and Computer Security: Nine Principles" consider the following questions. Think how to realize security in each of the layers and what are the good and bad sides of the proposal. www.tml.hut.fi /Studies/Tik-110.401/2000/assignments.html   (1981 words)

Definition: bell-la padula security model Bell-La Padula security model: [A] formal state-transition model of a computer security policy that describes a formal set of access controls based on information sensitivity and subject authorizations. This HTML version of Telecom Glossary 2K was last generated on Wed May 8 15:36:48 MDT 2002. www.its.bldrdoc.gov /projects/devglossary/_bell-la_padula_security_model.html   (45 words)

Formal OS Security Models Harrison-Ruzo-Ullman security model (HRU) (1977) BLP has NO policies for CHANGING ACCESS RIGHTS or CREATE/DELETE of subjects/objects; in real computer systems, change needed - HRU defined authorization rules for such dynamic systems - Also uses an ARM that describes the state of the system - Commands can change system state. This would need to be done formally/mathematically to give confidence about the system's security HRU model components: Set of subjects S, elements s Set of objects O, elements o Set of access rights R represented in an ARM (abbr. To verify compliance with a given security policy, you must check that NO UNDESIRABLE ACCESS RIGHTS CAN BE GRANTED. gaia.ecs.csus.edu /~mitchell/csc250/lecture_notes/ossec/sl9_ossec.html   (196 words)

University of Michigan Dearborn School Projects Initial literature review on the field of computer forensics. Review of "Abraction and Refinement of a Multi-level Security Policy" Review of "Applying the TCSEC Guidlines to Embedded Systems" www.geocities.com /nateb250/projects.htm   (196 words)

"Palladium" Patent US 6330670 At a first glance Palladium/TCPA seems to walk all over territory covered in the 1980's in places like the Bell-La Padula Security Model and Dr Fred Cohen's treatises on computer viruses. Maybe my memory is exaggerating what they covered, I don't have the source material here to compare. For all you patent lawyers out there, I might be able to offer >published prior art for many of the more generic claims in U.S. patent >6,330,670. www.chiark.greenend.org.uk /pipermail/ukcrypto/2002-June/019467.html   (164 words)

CHACS Publications for 1990 Security models are used to define the concept of security embodied by a computer system. "Formal Models for Computer Security," ACM Computing Surveys, Vol. We are developing a new approach to defining security models based on the idea that a security model should be derived from a specific application. chacs.nrl.navy.mil /publications/CHACS/Before1990/indexbefore1990.html   (669 words)

The Bell-LaPadula Model Reexamined Bell and LaPadula use an abstract state machine to model computer systems and define a system to be secure if every reachable state satisfies three security properties. The Bell-LaPadula model (BLP) is among the most fundamental works in computer security and is taught to almost everyone who studies computer security. They then prove a Basic Security Theorem that intends to show that determining whether a system is secure or not can be done by analyzing the description of a system without running the system. www.securitysummit.uiuc.edu /ninghuili.html   (191 words)

Security Taxonomy - Lynn Wheeler Related: Bell-LaPadula security model, Internet Protocol Security Option, clearance level, compartment, confinement property, controlled security mode, dedicated security mode, dominated by, dominates, downgrade, lattice model, mode of operation, modes of operation, multilevel security, multilevel security mode, non-discretionary security, regrade, risk index, sanitize, security, security label, security level, security situation, sensitivity label, system-high security mode, user, Related: as is process model, interface control document, release, revision, security target, site accreditation, software, software library, software system test and evaluation process, version, Related: access control, computer security, evaluation, networks, risk, security, trust, trusted computer system, www.garlic.com /~lynn/sectax.htm   (191 words)

33-270.htm Design Verification-- Use of verification techniques, usually computer-assisted, to demonstrate a mathematical correspondence between an abstract (security) model and a formal system specification. Formal Verification-- Process of using formal proofs to demonstrate the consistency between formal specification of a system and formal security policy model (design verification) or between formal specification and its high-level program implementation ( Implementation Verification). Key Stream-- Sequence of symbols (or their electrical or mechanical equivalents) produced in a machine or auto-manual cryptosystem to combine with plain text to produce cipher text, control transmission security processes, or produce key. www.fas.org /irp/doddir/usaf/33-270.htm   (191 words)

Why Security? Instead of approaching security by requiring you to prevent any code you don't trust from ever making its way onto your computer, the sandbox model allows you to welcome code from any source. One of the greatest strengths of Java's sandbox security model is that two of these components, the class loader and security manager, are customizable. Because the sandbox security model imposes strict controls on what untrusted code can and cannot do, users are able to run untrusted code with relative safety. www.artima.com /insidejvm/ed2/security.html   (191 words)

Try your search on: Qwika (all wikis)

About us   |   Why use us?   |   Reviews   |   Press   |   Contact us   Copyright © 2005-2007 www.factbites.com Usage implies agreement with terms.