• DocumentCode
    3463374
  • Title

    A case-study of security policy for manual and automated systems

  • Author

    Sibley, Edgar H. ; Michael, James B. ; Sandhu, Ravi S.

  • Author_Institution
    Dept. of Inf. & Software Syst. Eng., George Mason Univ., Fairfax, VA, USA
  • fYear
    1991
  • fDate
    24-27 Jun 1991
  • Firstpage
    63
  • Lastpage
    68
  • Abstract
    It is argued that predisposed assumptions in security policy models can leave holes in the security aspects of the information systems that are based on them. In particular, information systems based only on the Bell-LaPadula model (D.E. Bell and L.J. LaPadula, 1976) pose potential problems by allowing new threats to be built in them because the policies are incomplete. A comparison of manual and automated systems is used to demonstrate the derivation of the Bell-LaPadula star-property for automated systems and its analog for manual systems. This exercise aids in producing a policy model based on needs and a perspective on the limitations of classical security policy models
  • Keywords
    data privacy; security of data; Bell-LaPadula model; Bell-LaPadula star-property; automated systems; information systems; manual systems; predisposed assumptions; security policy models; Books; Context modeling; Data security; Humans; Information security; Information systems; Operating systems; Permission; Software systems; Systems engineering and theory;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Computer Assurance, 1991. COMPASS '91, Systems Integrity, Software Safety and Process Security. Proceedings of the Sixth Annual Conference on
  • Conference_Location
    Gaithersburg, MD
  • Print_ISBN
    0-7803-0126-9
  • Type

    conf

  • DOI
    10.1109/CMPASS.1991.161040
  • Filename
    161040
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=3463374