Secure information flow using security groups
A new model and approach for secure information flow are described. The model is driven by a lattice-based information flow policy which describes the permitted dissemination of information in the system. System entities are allowed to handle different classes of information from the flow policy, an...
Gespeichert in:
| 1. Verfasser: | |
|---|---|
| Format: | Tagungsbericht |
| Sprache: | eng |
| Schlagworte: | |
| Online-Zugang: | Volltext bestellen |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| container_end_page | 72 |
|---|---|
| container_issue | |
| container_start_page | 62 |
| container_title | |
| container_volume | |
| creator | Foley, S.N. |
| description | A new model and approach for secure information flow are described. The model is driven by a lattice-based information flow policy which describes the permitted dissemination of information in the system. System entities are allowed to handle different classes of information from the flow policy, and information is permitted to flow between entities as long as the flow policy is not violated. With this conceptually simple notion of security it is possible to describe many interesting security policies, for example, multilevel policies, aggregation policies, and Chinese walls. Details of how secure systems based on the model can be implemented in practice are given. Attention is also given to how other types of security policies, such as integrity and separation of duty, can be defined in terms of lattice-based policies.< > |
| doi_str_mv | 10.1109/CSFW.1990.128186 |
| format | Conference Proceeding |
| fullrecord | <record><control><sourceid>ieee_6IE</sourceid><recordid>TN_cdi_ieee_primary_128186</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>128186</ieee_id><sourcerecordid>128186</sourcerecordid><originalsourceid>FETCH-LOGICAL-g136t-9cc6f0e36ca62f903d7cdab4ec894a07b048185348365e3d0fe7f4131f0db76a3</originalsourceid><addsrcrecordid>eNotT01rwzAUM4zBRpf72Ml_IN17seOP4wjrNij00JYdi-M8B482KXHC6L9fSqeLJARCYuwZYYkI9rXarr6XaO1sC4NG3bHMagNXWYBG8cCylH5gRlkaBPXI8i35aSAeu9APJzfGvuPh2P_yKcWu5emaxvHC26GfzumJ3Qd3TJT984LtV--76jNfbz6-qrd13qJQY269VwFIKO9UESyIRvvG1ZK8sdKBrkHOk0ohjVAliQYC6SBRYICm1sqJBXu59UYiOpyHeHLD5XD7JP4Ac5FBlg</addsrcrecordid><sourcetype>Publisher</sourcetype><iscdi>true</iscdi><recordtype>conference_proceeding</recordtype></control><display><type>conference_proceeding</type><title>Secure information flow using security groups</title><source>IEEE Electronic Library (IEL) Conference Proceedings</source><creator>Foley, S.N.</creator><creatorcontrib>Foley, S.N.</creatorcontrib><description>A new model and approach for secure information flow are described. The model is driven by a lattice-based information flow policy which describes the permitted dissemination of information in the system. System entities are allowed to handle different classes of information from the flow policy, and information is permitted to flow between entities as long as the flow policy is not violated. With this conceptually simple notion of security it is possible to describe many interesting security policies, for example, multilevel policies, aggregation policies, and Chinese walls. Details of how secure systems based on the model can be implemented in practice are given. Attention is also given to how other types of security policies, such as integrity and separation of duty, can be defined in terms of lattice-based policies.< ></description><identifier>ISBN: 9780818620713</identifier><identifier>ISBN: 0818620714</identifier><identifier>DOI: 10.1109/CSFW.1990.128186</identifier><language>eng</language><publisher>IEEE Comput. Soc. Press</publisher><subject>Access control ; Data security ; Information security ; Lattices ; Multilevel systems ; Tail</subject><ispartof>[1990] Proceedings. The Computer Security Foundations Workshop III, 1990, p.62-72</ispartof><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/128186$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>309,310,778,782,787,788,2054,4038,4039,27908,54903</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/128186$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>Foley, S.N.</creatorcontrib><title>Secure information flow using security groups</title><title>[1990] Proceedings. The Computer Security Foundations Workshop III</title><addtitle>CSFW</addtitle><description>A new model and approach for secure information flow are described. The model is driven by a lattice-based information flow policy which describes the permitted dissemination of information in the system. System entities are allowed to handle different classes of information from the flow policy, and information is permitted to flow between entities as long as the flow policy is not violated. With this conceptually simple notion of security it is possible to describe many interesting security policies, for example, multilevel policies, aggregation policies, and Chinese walls. Details of how secure systems based on the model can be implemented in practice are given. Attention is also given to how other types of security policies, such as integrity and separation of duty, can be defined in terms of lattice-based policies.< ></description><subject>Access control</subject><subject>Data security</subject><subject>Information security</subject><subject>Lattices</subject><subject>Multilevel systems</subject><subject>Tail</subject><isbn>9780818620713</isbn><isbn>0818620714</isbn><fulltext>true</fulltext><rsrctype>conference_proceeding</rsrctype><creationdate>1990</creationdate><recordtype>conference_proceeding</recordtype><sourceid>6IE</sourceid><sourceid>RIE</sourceid><recordid>eNotT01rwzAUM4zBRpf72Ml_IN17seOP4wjrNij00JYdi-M8B482KXHC6L9fSqeLJARCYuwZYYkI9rXarr6XaO1sC4NG3bHMagNXWYBG8cCylH5gRlkaBPXI8i35aSAeu9APJzfGvuPh2P_yKcWu5emaxvHC26GfzumJ3Qd3TJT984LtV--76jNfbz6-qrd13qJQY269VwFIKO9UESyIRvvG1ZK8sdKBrkHOk0ohjVAliQYC6SBRYICm1sqJBXu59UYiOpyHeHLD5XD7JP4Ac5FBlg</recordid><startdate>1990</startdate><enddate>1990</enddate><creator>Foley, S.N.</creator><general>IEEE Comput. Soc. Press</general><scope>6IE</scope><scope>6IL</scope><scope>CBEJK</scope><scope>RIE</scope><scope>RIL</scope></search><sort><creationdate>1990</creationdate><title>Secure information flow using security groups</title><author>Foley, S.N.</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-g136t-9cc6f0e36ca62f903d7cdab4ec894a07b048185348365e3d0fe7f4131f0db76a3</frbrgroupid><rsrctype>conference_proceedings</rsrctype><prefilter>conference_proceedings</prefilter><language>eng</language><creationdate>1990</creationdate><topic>Access control</topic><topic>Data security</topic><topic>Information security</topic><topic>Lattices</topic><topic>Multilevel systems</topic><topic>Tail</topic><toplevel>online_resources</toplevel><creatorcontrib>Foley, S.N.</creatorcontrib><collection>IEEE Electronic Library (IEL) Conference Proceedings</collection><collection>IEEE Proceedings Order Plan All Online (POP All Online) 1998-present by volume</collection><collection>IEEE Xplore All Conference Proceedings</collection><collection>IEEE Electronic Library (IEL)</collection><collection>IEEE Proceedings Order Plans (POP All) 1998-Present</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Foley, S.N.</au><format>book</format><genre>proceeding</genre><ristype>CONF</ristype><atitle>Secure information flow using security groups</atitle><btitle>[1990] Proceedings. The Computer Security Foundations Workshop III</btitle><stitle>CSFW</stitle><date>1990</date><risdate>1990</risdate><spage>62</spage><epage>72</epage><pages>62-72</pages><isbn>9780818620713</isbn><isbn>0818620714</isbn><abstract>A new model and approach for secure information flow are described. The model is driven by a lattice-based information flow policy which describes the permitted dissemination of information in the system. System entities are allowed to handle different classes of information from the flow policy, and information is permitted to flow between entities as long as the flow policy is not violated. With this conceptually simple notion of security it is possible to describe many interesting security policies, for example, multilevel policies, aggregation policies, and Chinese walls. Details of how secure systems based on the model can be implemented in practice are given. Attention is also given to how other types of security policies, such as integrity and separation of duty, can be defined in terms of lattice-based policies.< ></abstract><pub>IEEE Comput. Soc. Press</pub><doi>10.1109/CSFW.1990.128186</doi><tpages>11</tpages></addata></record> |
| fulltext | fulltext_linktorsrc |
| identifier | ISBN: 9780818620713 |
| ispartof | [1990] Proceedings. The Computer Security Foundations Workshop III, 1990, p.62-72 |
| issn | |
| language | eng |
| recordid | cdi_ieee_primary_128186 |
| source | IEEE Electronic Library (IEL) Conference Proceedings |
| subjects | Access control Data security Information security Lattices Multilevel systems Tail |
| title | Secure information flow using security groups |
| url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-17T07%3A47%3A16IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-ieee_6IE&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=proceeding&rft.atitle=Secure%20information%20flow%20using%20security%20groups&rft.btitle=%5B1990%5D%20Proceedings.%20The%20Computer%20Security%20Foundations%20Workshop%20III&rft.au=Foley,%20S.N.&rft.date=1990&rft.spage=62&rft.epage=72&rft.pages=62-72&rft.isbn=9780818620713&rft.isbn_list=0818620714&rft_id=info:doi/10.1109/CSFW.1990.128186&rft_dat=%3Cieee_6IE%3E128186%3C/ieee_6IE%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rft_ieee_id=128186&rfr_iscdi=true |