Title :
A perspective on integrity mechanisms
Author_Institution :
Dept. of Inf. Syst. & Syst. Eng., George Mason Univ., Fairfax, VA, USA
Abstract :
Accepting the common viewpoint that integrity is concerned with information modification rather than information disclosure or information availability, the author considers two views on what nondiscretionary controls are needed for information integrity: (1) Clark and Wilson´s view that some separate mechanisms are required for enforcement of integrity policies, disjoint from those of the Orange Book (TCSEC), and (2) Gasser´s view that techniques to protect against information modifications are almost always the same as (or a subset of) techniques to protect against information disclosure. The author agrees with the Clark-Wilson view, in which integrity requires nondiscretionary access-control mechanisms other than label-based mandatory controls. He lists his objections to Gasser´s view
Keywords :
data integrity; security of data; access-control mechanisms; information integrity; information modifications; integrity; integrity mechanisms; nondiscretionary controls; Access control; Attitude control; Computer science; Control systems; Information security; Information systems; NIST; Protection; Systems engineering and theory;
Conference_Titel :
Computer Security Applications Conference, 1989., Fifth Annual
Conference_Location :
Tucson, AZ
Print_ISBN :
0-8186-2006-4
DOI :
10.1109/CSAC.1989.81062
