Proceedings of the 1998 workshop on New security paradigms
Applications of Trusted Review to Information Security
ACISP '01 Proceedings of the 6th Australasian Conference on Information Security and Privacy
A comparison of methods for implementing adaptive security policies
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Prior to the introduction of guard systems for electronic mail, guards tended to be overly specialized and not versatile enough for today's user community. This paper examines the use of type enforcement to create a highly assured yet administrator-configurable guard. The administrator must be able to trust that the configuration provided will indeed be followed. This trust is established by using highly assured or trusted components. These trusted components are linked together via type enforcement to form a pipeline, with one input channel for data to enter the guard and one separate, connected output channel for data to exit the guard. These channels are connected via assured processes whose behavior is restricted by the type enforcement mechanism. Type enforcement is also used to isolate many components of the guard, which simplifies the assurance arguments. This technology is applied in the latest operational guards developed by the Secure Computing Corporation.
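The pipeline property described in the abstract can be checked mechanically. The following is an added example, not code from the paper or from Secure Computing: it models a type enforcement policy as a domain-to-type access table and enumerates every data path from the input type to the output type, flagging any path that skips the filter stage. All domain and type names (`recv_d`, `filter_d`, `send_d`, `debug_d`, `inbound_t`, `vetted_t`, `outbound_t`) are assumptions made for illustration.

```python
# Hypothetical access table for a three-stage mail guard (names are illustrative).
# domain -> {type: set of permitted access modes}
DDT = {
    "recv_d":   {"inbound_t": {"write"}},
    "filter_d": {"inbound_t": {"read"}, "vetted_t": {"write"}},
    "send_d":   {"vetted_t": {"read"}, "outbound_t": {"write"}},
}
# Constructed misconfiguration: one extra domain that reads input and writes output.
WEAK_DDT = {**DDT, "debug_d": {"inbound_t": {"read"}, "outbound_t": {"write"}}}


def allowed(ddt, domain, typ, mode):
    """Type enforcement decision: default deny unless the table grants the mode."""
    return mode in ddt.get(domain, {}).get(typ, set())


def flows(ddt):
    """A domain that may read type a and write type b can move data from a to b."""
    edges = {}
    for domain, access in ddt.items():
        reads = [t for t, modes in access.items() if "read" in modes]
        writes = [t for t, modes in access.items() if "write" in modes]
        for a in reads:
            for b in writes:
                edges.setdefault(a, set()).add((b, domain))
    return edges


def paths(ddt, src, dst):
    """All simple type-to-type paths from src to dst, each as the domains traversed."""
    edges, found, stack = flows(ddt), [], [(src, [], {src})]
    while stack:
        typ, domains, seen = stack.pop()
        if typ == dst:
            found.append(domains)
            continue
        for nxt, domain in edges.get(typ, ()):
            if nxt not in seen:
                stack.append((nxt, domains + [domain], seen | {nxt}))
    return sorted(found)


def bypasses(ddt, src, dst, required):
    """Paths that reach dst without passing through the required (assured) domain."""
    return [p for p in paths(ddt, src, dst) if required not in p]


if __name__ == "__main__":
    print(paths(DDT, "inbound_t", "outbound_t"))
    print(bypasses(WEAK_DDT, "inbound_t", "outbound_t", "filter_d"))
```

An empty result from `bypasses` is the assurance argument in miniature: the table alone shows that the only route from input to output runs through the filter, whatever the other components do.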