Corpus ID: 15407749

Building Chinese Walls in Standard Unix

@inproceedings{FoleyDepartment1996BuildingCW,
  title={Building Chinese Walls in Standard Unix},
  author={Simon N. FoleyDepartment},
  year={1996}
}
The set-user-id facility in Unix can be used to form the basis for the implementation of a wide variety of diierent security policies in Unix. We show how the Chinese Wall security policy can be implemented using this facility. The approach is not appropriate for security critical applications: it serves to illustrate that it can be done in a rather simple way, and may be useful for less critical applications. Our technique also provides an approach to implementing dynamic segregation of duties… Expand
The specification and implementation of “commercial” security requirements including dynamic segregation of duties
TLDR
A framework for the specification of security policies is proposed and the tiamework extends the Clark-Wilson model in that it can be used to specify dynamic segregation of duty. Expand
The Application of Chinese Wall Policy in Data Leakage Prevention
TLDR
The traditional conflict and alliance relationship is extended and an efficient framework ACWF is presented that maintains dynamic relationship between different data objects and provides reference mechanism to confine the corresponding usage domain. Expand
A Fault Recovery Scheme for P2P Metacomputers
TLDR
A method of recovering from faults which exploits the distributed hash table functionality provided by modern overlay networks is presented and its effectiveness is evaluated experimentally using a proof of concept P2P distributed computer. Expand
A N A CCESS C ONTROL M ODEL OF V IRTUAL M ACHINE S ECURITY
Virtualization technology becomes a hot IT technology with the popu-larity of Cloud Computing. However, new security issues arise with it. Specifically, the resources sharing and data communicationExpand
Power Relationships in Information Systems Security Policy Formulation and Implementation
TLDR
This document summarizes current capabilities, research and operational priorities, and plans for further studies that were established at the 2015 USGS workshop on quantitative hazard assessments of earthquake-triggered landsliding and liquefaction. Expand
Brewer and Nash security model
A review of Brewer and Nash security model (1989) and some later improvements.

References

SHOWING 1-10 OF 17 REFERENCES
The Chinese Wall security policy
TLDR
The authors explore a commercial security policy (the Chinese Wall) which represents the behavior required of those persons who perform corporate analysis for financial institutions and concludes that it is perhaps as significant to the financial world as Bell-LaPadula's policies are to the military. Expand
Some conundrums concerning separation of duty
  • Michael J. Nash, K. Poland
  • Computer Science
  • Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy
  • 1990
TLDR
An examination is made of questions concerning commercial computer security integrity policies and it is shown that it implements a well-defined and sensible integrity policy that includes separation of duty, yet fails to meet either the TCSEC or the D.D.R. Wilson (1987) rules. Expand
A Comparison of Commercial and Military Computer Security Policies
TLDR
It is argued that a lattice model is not sufficient to characterize integrity policies, and that distinct mechanisms are needed to Control disclosure and to provide integrity. Expand
Chinese wall security policy-an aggressive model
  • T. Lin
  • Computer Science
  • [1989 Proceedings] Fifth Annual Computer Security Applications Conference
  • 1989
TLDR
A modified Brewer and Nash model without BN-axiom is defined and a new formal model is introduced in which Chinese Walls are built right on the boundary of China-an aggressive model for Chinese Wall security policy. Expand
Secure information flow using security groups
  • S. Foley
  • Computer Science
  • [1990] Proceedings. The Computer Security Foundations Workshop III
  • 1990
TLDR
A new model and approach for secure information flow is described which describes the permitted dissemination of information in the system and attention is given to how other types of security policies can be defined in terms of lattice-based policies. Expand
Lattice-based access control models
TLDR
A balanced perspective on lattice-based access control models is provided and information flow policies, the military lattice,Access control models, the Bell-LaPadula model, the Biba model and duality, and the Chinese Wall lattice are reviewed. Expand
A comparison of type enforcement and Unix setuid implementation of well-formed transactions
  • D. Thomsen, J. Haigh
  • Computer Science
  • [1990] Proceedings of the Sixth Annual Computer Security Applications Conference
  • 1990
TLDR
The effectiveness of two mechanisms for implementing the concept of a well-formed transaction, the Secure Ada Target (SAT) type enforcement mechanism and the Unix setuid mechanism are compared and contrasted. Expand
Secure Computer System: Unified Exposition and Multics Interpretation
TLDR
A suggestive interpretation of the model in the context of Multics and a discussion of several other important topics (such as communications paths, sabotage and integrity) conclude the report. Expand
On the Chinese Wall Model
TLDR
A modified version of the Chinese Wall model is presented and it is proved that the system is “conflict secure”, i.e. a subject can never get information from two or more objects which are in conflict of interest to each other. Expand
Extending the Brewer-Nash model to a multilevel context
  • C. Meadows
  • Computer Science
  • Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy
  • 1990
TLDR
It is shown how the Brewer-Nash Chinese wall model can be extended to a policy for handling the aggregation problem in a multilevel context and a lattice-based information flow policy is derived that is used to develop a security policy. Expand
...
1
2
...