Elsevier

Computers & Security

Volume 7, Issue 6, December 1988, Pages 563-573
Computers & Security

Implementing multilevel security by violation privilege

https://doi.org/10.1016/0167-4048(88)90008-9Get rights and content

Abstract

A multilevel secure information system should be able to support a security structure consisting of a hierarchically defined sensitivity structure containing n levels and a category structure containing m compartments. It should simultaneously protect its contents from unauthorized disclosure arising from either access control violation or leakage, and from improper modification. The protection should not interfere with the efficient processing of information. The system should be able to provide for its own security using trusted hardware or software.

The system of controls described in this report will accomplish all these objectives. Furthermore, it will incorporate defenses against the following threats: unplanned delay, unauthorized erasure or destruction, aggregation, inference, spoofing, infiltration, residual images, computer viruses, and post-engagement disclosure.

References (21)

  • T.F. Lunt et al.

    Element-level classification with A1 assurance

    Comput. Secur.

    (1988)
  • J.P. Anderson

    Computer security technology study

  • D.E. Bell et al.

    Secure computer systems

  • K.J. Biba

    Integrity considerations for secure computer design

  • J.M. Carroll et al.

    Design of a secure relational database

  • F. Cohen

    Computer viruses

  • U.S. Department of Defense

    Trusted computer system evaluation criteria

    CSD-STD-001-83

    (August 15, 1983)
  • U.S. Department of Defense

    Password management guidelines

    CSD-STD-002-85

    (April 12, 1985)
  • D.E.R. Denning

    A lattice model of secure information flow

    Commun. ACM

    (1976)
  • D.E.R. Denning et al.

    The tracker: a threat to statistical database security

    ACM Trans. Database Syst.

    (1980)
There are more references available in the full text version of this article.

Cited by (0)

Dr. John M. Carroll is a professor in the Computer Science Department at The University of Western Ontario. He has been active in computer security research since 1968. The second edition of his book, Computer Security, was published by Butterworths in 1987.

Department of Computer Science, The University of Western Ontario, London, Canada N6A 5B7.

View full text