A validated security policy modeling approach

Author

Freeman, J.W. ; Neely, R.B. ; Heckard, M.A.

Author_Institution

CTA Inc., Colorado Springs, CO, USA

fYear

1994

fDate

5-9 Dec 1994

Firstpage

189

Lastpage

200

Abstract

The paper presents a security policy modeling approach that can be applied to many types of systems, including networks and distributed systems. The approach is driven by security requirements and by system architecture. It is compatible with the modeling principles offered by recent modeling guidelines and the TCSEC modeling requirements at the B1-A1 assurance levels. The approach has been validated through its application to various development, certification and research projects, including tactical systems, secure gateways, and C³I systems. The approach presented here has been favorably reviewed by security evaluation teams for government agencies. The paper illustrates the approach by applying it to an example tactical system

Keywords

formal verification; military computing; modelling; security of data; B1-A1 assurance levels; C³I systems; TCSEC modeling requirements; distributed system; government agencies; modeling principles; research project; secure gateways; security evaluation teams; security requirements; system architecture; tactical system; tactical systems; validated security policy modeling approach; Artificial intelligence; Bismuth; Computer security; Embedded system; Government; Guidelines; Information security; Multilevel systems; National security; Springs;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer Security Applications Conference, 1994. Proceedings., 10th Annual

Conference_Location

Orlando, FL

Print_ISBN

0-8186-6795-8

Type

conf

DOI

10.1109/CSAC.1994.367308

Filename

367308