Title :
The Chinese Wall security policy
Author :
Brewer, David F C ; Nash, Michael J.
Abstract :
The authors explore a commercial security policy (the Chinese Wall) which represents the behavior required of those persons who perform corporate analysis for financial institutions. It can be distinguished from Bell-LaPadula-like policies by the way that a user´s permitted accesses are constrained by the history of his previous accesses. It is shown that the formal representation of the policy correctly permits a market analyst to talk to any corporation which does not create a conflict of interest with previous assignments. The Chinese Wall policy combines commercial discretion with legally enforceable mandatory controls. It is required in the operation of many financial services organizations; the authors conclude that it is, therefore, perhaps as significant to the financial world as Bell-LaPadula´s policies are to the military
Keywords :
DP management; professional aspects; security of data; Chinese Wall security policy; behavior; commercial discretion; corporate analysis; financial institutions; formal representation; mandatory controls; market analyst; permitted accesses; Business; Computer security; Information analysis; Information security; Information systems; Mathematical model; Military computing; Motion pictures; Permission; Visualization;
Conference_Titel :
Security and Privacy, 1989. Proceedings., 1989 IEEE Symposium on
Conference_Location :
Oakland, CA
Print_ISBN :
0-8186-1939-2
DOI :
10.1109/SECPRI.1989.36295
