Security Kernel validation in practice
Communications of the ACM
A note on the confinement problem
Communications of the ACM
A security model for military message systems
ACM Transactions on Computer Systems (TOCS)
The development and proof of a formal specification for a multilevel secure system
ACM Transactions on Computer Systems (TOCS)
Kit: A Study in Operating System Verification
IEEE Transactions on Software Engineering
Formal Models for Computer Security
ACM Computing Surveys (CSUR)
Protecting privacy using the decentralized label model
ACM Transactions on Software Engineering and Methodology (TOSEM)
Survey of recent operating systems research, designs and implementations
ACM SIGOPS Operating Systems Review
CSFW '96 Proceedings of the 9th IEEE workshop on Computer Security Foundations
Design and verification of secure systems
SOSP '81 Proceedings of the eighth ACM symposium on Operating systems principles
Reflections on the verification of the security of an operating system kernel
SOSP '83 Proceedings of the ninth ACM symposium on Operating systems principles
A note on information flow into arrays
ACM SIGSOFT Software Engineering Notes
Security Information Flow in Multidimensional Arrays
IEEE Transactions on Computers
A security policy for a profile-oriented operating system
AFIPS '81 Proceedings of the May 4-7, 1981, national computer conference
The advent of trusted computer operating systems
AFIPS '80 Proceedings of the May 19-22, 1980, national computer conference
SP'88 Proceedings of the 1988 IEEE conference on Security and privacy
Security framework for integrated networks
MILCOM'03 Proceedings of the 2003 IEEE conference on Military communications - Volume II
Information flow analysis for a typed assembly language with polymorphic stacks
CASSIS'05 Proceedings of the Second international conference on Construction and Analysis of Safe, Secure, and Interoperable Smart Devices
A typed assembly language for non-interference
ICTCS'05 Proceedings of the 9th Italian conference on Theoretical Computer Science
Improved multilevel security with latent semantic indexing
Expert Systems with Applications: An International Journal
| Hi-index | 0.00 |
Two nearly equivalent models of multilevel security are presented. The use of multiple models permits the utilization of each model for purposes where that model is particularly advantageous. In this case, the more general model is simple and easily comprehensible, being more abstract, and is useful for exposition of the meaning of multilevel security. The less general model relates well to design specifications and permits straightforward proof of the security of a system design. The correspondence between the two models is easily demonstrated. The two models when applied appropriately are more useful for defining and proving the multilevel security of systems than existing models. The utility of the two models and their relationship to existing models is discussed and the proof of the security of one particular system design is illustrated. The technique for accomplishing the security proof is straightforward and can be extensively automated.