Formal Models for Computer Security
ACM Computing Surveys (CSUR)
A lattice model of secure information flow
Communications of the ACM
Collecting Garbage in Multilevel Secure Object Stores
SP '94 Proceedings of the 1994 IEEE Symposium on Security and Privacy
Verified formal security models for multiapplicative smart cards
Journal of Computer Security - Special issue on ESORICS 2000
A security model of dynamic labeling providing a tiered approach to verification
SP'96 Proceedings of the 1996 IEEE conference on Security and privacy
| Hi-index | 0.00 |
Common security models such as Bell-LaPadula focus on the control of access to sensitive data but leave some important systems issues unspecified, such as the implementation of read-only objects, garbage collection, and object upgrade and downgrade paths. Consequently, different implementations of the same security model may have conflicting operational and security semantics. We propose the use of more expressive security labels for specifying these system issues within the security model, so that the semantics of a system design are precisely understood and are independent of implementation details.