DocumentCode :
2577679
Title :
Some conundrums concerning separation of duty
Author :
Nash, Michael J. ; Poland, Keith R.
Author_Institution :
Gamma Secure Syst. Ltd., Camberley, UK
fYear :
1990
fDate :
7-9 May 1990
Firstpage :
201
Lastpage :
207
Abstract :
An examination is made of questions concerning commercial computer security integrity policies. An example is given of a dynamic separation of duty policy which cannot be implemented by mechanisms based on TCSEC based mechanisms alone, yet occurs in the real commercial world and can be implemented efficiently in practice. A commercial computer security product in wide use for ensuring the integrity of financial transactions is presented. It is shown that it implements a well-defined and sensible integrity policy that includes separation of duty, yet fails to meet either the TCSEC or the D.D. Clark and D.R. Wilson (1987) rules
Keywords :
security of data; computer security integrity; duty policy; dynamic separation; financial transactions; Computer security; Data security; Error correction; Heart; Information security; Information systems; Lattices; Military computing;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Research in Security and Privacy, 1990. Proceedings., 1990 IEEE Computer Society Symposium on
Conference_Location :
Oakland, CA
Print_ISBN :
0-8186-2060-9
Type :
conf
DOI :
10.1109/RISP.1990.63851
Filename :
63851
Link To Document :
https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=2577679
بازگشت