Title :
Formal model of a trusted file server
Author :
Williams, John C. ; Dinolt, George W.
Author_Institution :
Ford Aerosp., San Jose, CA, USA
Abstract :
The authors present a formal, mathematical model for a trusted file server (TFS) for a multilevel secure distributed computer system. The goal is to produce formal verification from the top-level specification down through code for the entire system of which a TFS is one component. By viewing the TFS as a black box, it is possible to specify its security as a relation that must hold invariantly between an output stream of responses and an input stream of requests. Using the proposed approach, the authors have provided a small (perhaps minimal) set of compromise security constraints on the TFS. They have produced an implementation of the TFS in Gypsy and verified that the implementation satisfies this model. It is also shown that the specified relation is stronger than noninterference, and that a noninterference model cannot cover the security-relevant functionality of deleting or changing the size of a file
Keywords :
distributed processing; file servers; security of data; Gypsy; TFS; black box; code; compromise security constraints; formal model; formal verification; input stream; mathematical model; multilevel secure distributed computer system; output stream; relation; requests; responses; top-level specification; trusted file server; Communication channels; Communication system control; Computer architecture; Data security; Distributed computing; File servers; Formal verification; Information security; Mathematical model; Research and development;
Conference_Titel :
Security and Privacy, 1989. Proceedings., 1989 IEEE Symposium on
Conference_Location :
Oakland, CA
Print_ISBN :
0-8186-1939-2
DOI :
10.1109/SECPRI.1989.36290
