Computer Security Technology Planning Study. Volume 2

Anderson, James P.

doi:10.21236/ad0772806

Cited by 371 publications

(344 citation statements)

References 0 publications

Supporting

Mentioning

339

Contrasting

Unclassified

Order By: Relevance

“…Their importance was already pointed out in the Anderson report [1]. The paradigmatic Bell-LaPadula model [18], conceived in 1973, constituted the first big effort on providing a formal setting in which to study and reason on confidentiality properties of data in time-sharing mainframe systems.…”

Section: Introductionmentioning

confidence: 99%

Formal Analysis of Android's Permission-Based Security Model

Betarte¹,

Campo²,

Luna³

et al. 2016

SACS

View full text Add to dashboard Cite

In this work we present a comprehensive formal specification of an idealized formulation of Android's permission model. Permissions in Android are basically tags that developers declare in their applications, more precisely in the so-called application manifest, to gain access to sensitive resources. Several analyses have recently been carried out concerning the security of the Android system. Few of them, however, pay attention to the formal aspects of the permission enforcing framework. We provide a complete and uniform formulation of several security properties using the higher order logic of the Calculus of Inductive Constructions and sketch the proofs that have been developed and verified using the Coq proof assistant. We also analyze how the changes introduced in the latest version of Android, that allows to manage permissions at runtime, impact the presented model.

show abstract

Section: Introductionmentioning

confidence: 99%

Formal Analysis of Android's Permission-Based Security Model

Betarte¹,

Campo²,

Luna³

et al. 2016

SACS

View full text Add to dashboard Cite

show abstract

“…Developmental threats include errors made by the development team or the malicious insertion of unintended functionality by adversaries, both of which undermine or subvert the ability of the system to protect itself from tampering or to continuously enforce critical security policy [2,52].…”

Section: Threats and Requirementsmentioning

confidence: 99%

MYSEA: The Monterey Security Architecture

Irvine¹,

Nguyen²,

Shifflett³

et al. 2009

View full text Add to dashboard Cite

Mandated requirements to share information across different sensitivity domains necessitate the design of distributed architectures to enforce information flow policies while providing protection from malicious code and attacks devised by highly motivated adversaries. The MYSEA architecture uses component security services and mechanisms to extend and inter-operate with commodity PCs, commodity client software, applications, trusted components, and legacy single level networks, providing new capabilities for composing secure, distributed multilevel secure solutions. This results in an architecture that meets two compelling requirements: first, that users have a familiar work environment, and, second, that critical mandatory security policies are enforced.

show abstract

“…If the community subject to this policy is small enough, then such enforcement can sometimes be carried out by employing a trusted third party (TTP) to function as a kind of reference monitor [1], which mediates all the interactions subject to it. This has been done by several projects [3,12], mostly in the context of distributed enterprise systems.…”

Section: Introductionmentioning

confidence: 99%

Regularity-Based Trust in Cyberspace

Minsky

2003

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. One can distinguish between two kinds of trust that may be placed in a given entity e (a person or a thing), which we call: familiarity-based trust and regularity-based trust. A familiarity-based trust in e is a trust based on personal familiarity with e, or on testimonial by somebody who is familiar, directly or indirectly, with e; or even on some measure of the general reputation of e. A regularity-based trust is based on the recognition that e belongs to a class, or a community, that is known to exhibits a certain regularity-that is, it is known that all members of this class satisfy a certain property, or that their behavior conforms to a certain law. These two types of trust play important, and complementary, roles in out treatment of the physical world. But, as we shall see, the role of regularity-based trust in out treatment of the cyberspace has been limited so far because of difficulties in establishing such trust it in this context. It is this latter kind of trust, which is the focus of this paper. We will describe a mechanism for establishing a wide range of regularity-based trusts, and will demonstrate the effectiveness of this mechanism, by showing how it can enhance the trustworthiness of a certain type of commercial client-server interactions over the internet.

show abstract

Computer Security Technology Planning Study. Volume 2

Cited by 371 publications

References 0 publications

Formal Analysis of Android's Permission-Based Security Model

Formal Analysis of Android's Permission-Based Security Model

MYSEA: The Monterey Security Architecture

Regularity-Based Trust in Cyberspace

Contact Info

Product

Resources

About