• DocumentCode
    1071553
  • Title

    A nonfunctional approach to system integrity

  • Author

    Foley, Simon N.

  • Author_Institution
    Dept. of Comput. Sci., Univ. Coll. Cork, Ireland
  • Volume
    21
  • Issue
    1
  • fYear
    2003
  • fDate
    1/1/2003 12:00:00 AM
  • Firstpage
    36
  • Lastpage
    43
  • Abstract
    Systems provide integrity protection by ensuring that there is no unauthorized modification of information. Traditional models of protection tend to define integrity in terms of ad hoc authorization techniques whose effectiveness is justified more on the basis of experience and "best practice," rather than on any common theoretical foundation. A formal definition of integrity is proposed that is independent of any particular implementation mechanism. A series of simple examples is used to demonstrate that existing integrity mechanisms such as separation of duties, well-formed transactions, and so forth, can be regarded as implementation techniques for achieving integrity. The proposed characterization of integrity is nonfunctional, that is, it falls into the same category of properties as noninterference and its relatives. As a consequence, validating that a system has integrity can be expected to be as challenging as validating that a system upholds noninterference.
  • Keywords
    authorisation; communicating sequential processes; data integrity; duty separation; formal definition; nonfunctional approach; noninterference; system integrity; well-formed transactions; Access control; Authorization; Buildings; Cryptography; Data security; Fault tolerant systems; History; Mechanical factors; Protection; Transaction databases;
  • fLanguage
    English
  • Journal_Title
    Selected Areas in Communications, IEEE Journal on
  • Publisher
    ieee
  • ISSN
    0733-8716
  • Type

    jour

  • DOI
    10.1109/JSAC.2002.806124
  • Filename
    1159653
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=1071553