Title :
Specifying security constraints with relaxation lattices
Author :
Herlihy, Maurice P. ; Wing, Jeannette M.
Author_Institution :
Sch. of Comput. Sci., Carnegie-Mellon Univ., Pittsburgh, PA, USA
Abstract :
A description is given of the relaxation lattice approach to specifying graceful degradation for a large class of systems. The method is applied to the security domain by identifying degraded systems behaviors with those that can result from security violations such as a user of one security class obtaining access rights associated with those of a higher class. The method can be used in two ways: (1) as a descriptive technique for specifying the behavior of existing systems in which breaches of security may inadvertently or unavoidably occur; and (2) as a formal design technique for specifying a range of behaviors, from ideal to undesired, of systems to be implemented
Keywords :
automata theory; security of data; access rights; formal design technique; graceful degradation; relaxation lattice; security class; security violations; Computer displays; Computer science; Control systems; Costs; Data security; Degradation; History; Lattices; Privacy; Software systems;
Conference_Titel :
Computer Security Foundations Workshop II, 1989., Proceedings of the
Conference_Location :
Franconia, NH
DOI :
10.1109/CSFW.1989.40586
