This paper describes current work on the design and specification of a multilevel secure distributed system called SNet. It discusses security models in general, the various problems of information flows in SNet, and the abstract and concrete security model components for SNet. It also introduces Lucid as a language for specifying distributed systems. The model components are expressed in Lucid; these Lucid partial specifications are shown to be correct with respect to the formal model, and the two model components are shown to be consistent. The complete functional specification of SNet in Lucid, its implementation in Concurrent Euclid, and the verification of the implementation with respect to the Lucid specification are not discussed.