A Comparison of Commercial and Military Computer Security Policies

  title={A Comparison of Commercial and Military Computer Security Policies},
  author={David D. Clark and D. R. Wilson},
  journal={1987 IEEE Symposium on Security and Privacy},
  • D. Clark, D. Wilson
  • Published 27 April 1987
  • Computer Science
  • 1987 IEEE Symposium on Security and Privacy
Most discussions of computer security focus on control of disclosure. In Particular, the U.S. Department of Defense has developed a set of criteria for computer mechanisms to provide control of classified information. However, for that core of data processing concerned with business operation and control of assets, the primary security concern is data integrity. This paper presents a policy for data integrity based on commercial data processing practices, and compares the mechanisms needed for… 

Figures from this paper

Using mandatory integrity to enforce 'commercial' security

  • Theodore M. P. Lee
  • Computer Science
    Proceedings. 1988 IEEE Symposium on Security and Privacy
  • 1988
It is shown two natural extensions-integrity categories and partially trusted subjects-of the principles of current US Department of Defense computer security standards could be used to implement such commercial security policies in a way that exploits the fundamental strengths of existing or future trusted systems.

Computer security

  • D. Gollmann
  • Computer Science
    Worlwide series in computer cience
  • 1999
This work will put various enforcement mechanisms into context with the policies and the IT architectures they were originally designed for in computer security.

A Framework for the Management of Information Security

A model for dealing with high level information security policies and the specification of a notation for expressing information security requirements and of a mechanism to formulate harmonization functions is proposed.

How do you make information security user friendly?

Integrity controls for military and commercial applications

  • R. R. Jueneman
  • Computer Science
    [Proceedings 1988] Fourth Aerospace Computer Security Applications
  • 1988
It is concluded that a mandatory integrity policy consisting of the Biba hierarchical integrity policy extended to include integrity categories and multilevel integrity-trusted subjects, plus a discretionary integrity policy that uses a digital signature mechanism incorporated in a file label to indicate who created or produced that file, can provide integrity controls very well-suited to the networking environment.

Mathematics, Technology, and Trust: Formal Verification, Computer Security, and the U.S. Military

Differences between the cultures of communications security and computer security, the bureaucratic turf war over security, and the emergence and impact of the Department of Defense's Trusted Computer System Evaluation Criteria (the so-called Orange Book) are discussed.

Mandatory Access Control 8.1 Multi-level Security

  • Computer Science
This chapter discusses two popular general-purpose frameworks for specifying MAC policies: domain and type enforcement is reminiscent of a DAC access matrix; role-based access control supports access restrictions that derive from responsibilities an organization assigns to roles.

Information Systems Security: Scope, State-of-the-art, and Evaluation of Techniques

In this paper the Discretionary Models, the Mandatory models, the Personal Knowledge Approach, the Chinese Wall Policy and the Clark and Wilson model of security are evaluated to form a basis for their evaluation and comparison.

Some conundrums concerning separation of duty

  • Michael J. NashK. Poland
  • Computer Science
    Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy
  • 1990
An examination is made of questions concerning commercial computer security integrity policies and it is shown that it implements a well-defined and sensible integrity policy that includes separation of duty, yet fails to meet either the TCSEC or the D.D.R. Wilson (1987) rules.



Integrity Considerations for Secure Computer Systems

The author identifies the integrity problems posed by a secure military computer utility and integrity policies addressing these problems are developed and their effectiveness evaluated.

Non-Discretionery Controls for Commercial Applications

  • S. Lipner
  • Computer Science
    1982 IEEE Symposium on Security and Privacy
  • 1982
The lattice model of non-discretionary access control in a secure computer system was developed in the early Seventies[BIaP]. The model was motivated by the controls used by the Defense Department

Design for Multics Security Enhancements

Abstract : The results of a 1973 security study of the Multics computer system are presented detailing requirements for a new access control mechanism that would allow two levels of classified data


This publication is effective immediately and is mandatory for use by all DoD Components in carrying out ADP system technical security evaluation activities applicable to the processing and storage of classified and other sensitive DoD information and applications as set forth herein.

A hardware architecture for implementing protection rings

Hardware processor mechanisms for implementing concentric rings of protection that allow cross-ring calls and subsequent returns to occur without trapping to the supervisor are described.

Lipner] Lipner, s

  • Lipner] Lipner, s

Secure Computer systems ESD-TR-73-278 (Vol I-III) (also Mitre TR-2547), Mitre Corporation

  • Secure Computer systems ESD-TR-73-278 (Vol I-III) (also Mitre TR-2547), Mitre Corporation
  • 1974