A security model for military message systems
ACM Transactions on Computer Systems (TOCS)
A Linear Time Algorithm for Deciding Subject Security
Journal of the ACM (JACM)
ACM Computing Surveys (CSUR)
Encryption and Secure Computer Networks
ACM Computing Surveys (CSUR)
Formal Models for Computer Security
ACM Computing Surveys (CSUR)
Security Mechanisms in High-Level Network Protocols
ACM Computing Surveys (CSUR)
An Axiomatic Approach to Information Flow in Programs
ACM Transactions on Programming Languages and Systems (TOPLAS)
Shared resource matrix methodology: an approach to identifying storage and timing channels
ACM Transactions on Computer Systems (TOCS)
Specification and verification of the UCLA Unix security kernel
Communications of the ACM
A method for obtaining digital signatures and public-key cryptosystems
Communications of the ACM
A model for verification of data security in operating systems
Communications of the ACM
Using encryption for authentication in large networks of computers
Communications of the ACM
A lattice model of secure information flow
Communications of the ACM
Cryptography and data security
Cryptography and data security
The transfer of information and authority in a protection system
SOSP '79 Proceedings of the seventh ACM symposium on Operating systems principles
A verifiable protection system
Proceedings of the international conference on Reliable software
Secure information flow in computer systems.
Secure information flow in computer systems.
Security of communication in computer networks (key management, verification)
Security of communication in computer networks (key management, verification)
Modelling multidomain security
NSPW '92-93 Proceedings on the 1992-1993 workshop on New security paradigms
A Role Based Privacy-Aware Secure Routing Protocol for Wireless Mesh Networks
Wireless Personal Communications: An International Journal
| Hi-index | 0.00 |
A model is presented that precisely describes the mechanism that enforces the security policy and requirements for a multilevel secure network. The mechanism attempts to ensure secure flow of information between entities assigned to different security classes in different computer systems connected to the network. The mechanism also controls the access to the network devices by the subjects (users and processes executed on behalf of the users) with different security clearances. The model integrates the notions of nondiscretionary access control and information flow control to provide a trusted network base that imposes appropriate restrictions on the flow of information among the various devices. Utilizing simple set-theoretic concepts, a procedure is given to verify the security of a network that implements the model.