An integrated framework for security and dependability

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

An integrated framework for security and dependability

Full text

Pdf (666 KB)

Source

New Security Paradigms Workshop archive
Proceedings of the 1998 workshop on New security paradigms table of contents

Charlottesville, Virginia, United States

Pages: 22 - 29

Year of Publication: 1998

ISBN:1-58113-168-2

Author

Erland Jonsson

Department of Computer Engineering, Chalmers University of Technology, SE-412 96 Goteborg, Sweden

Sponsor

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 18, Downloads (12 Months): 104, Citation Count: 3

Additional Information:

references cited by index terms collaborative colleagues peer to peer

Tools and Actions:	Review this Article Save this Article to a Binder Display Formats: BibTex EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/310889.310903 What is a DOI?

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	Jim Alves-Foss , Salvador Barbosa, Assessing computer security vulnerability, ACM SIGOPS Operating Systems Review, v.29 n.3, p.3-13, July 1995 [doi>10.1145/206826.206829]
	2	Jean Arlat , Karama Kanoun , Jean-Claude Laprie, Dependability Modeling and Evaluation of Software Fault-Tolerant Systems, IEEE Transactions on Computers, v.39 n.4, p.504-513, April 1990 [doi>10.1109/12.54843 ]
	3	D. Bell, L. LaPadula, "Secure Computer Systems: Mathematical Foundations and Model", MITRE Report MTR 2547, Vol. 2, Nov. 1973.
	4	K.J. Biba, "Integrity Considerations for Secure Computer Systems", Technical Report No. ESD-TR-76-372, Electronic Systems Division, US Air Force, Hanscom Field, Bedford, MA, 1977.
	5	S. Brocklehurst, B. Littlewood, T. Olovsson, E. Jonsson: "On Measurement of Operational Security", in Proceedings of the Ninth Annual IEEE Conference on Computer Assurance, COMPASS'94, Gaithersburg, Maryland, USA, June 29-July 1, pp. 257-266. 1994.
	6	A. Burns , J. McDermid , J. Dobson, On the meaning of safety and security, The Computer Journal, v.35 n.1, p.3-15, 1992 [doi>10.1093/comjnl/35.1.3]
	7	Silvana Castano , Maria Grazia Fugini , Giancarlo Martella , Pierangela Samarati, Database security, ACM Press/Addison-Wesley Publishing Co., New York, NY, 1995
	8	Canadian Trusted Computer Product Evaluation Criteria, Version 3.0e, Canadian System Security center, Communications Security Establishment Government of Canada, 1993.
	9	M. Dacier: Vers une evaluation quantitative de la securite informatique, Doctoral thesis, LAAS Report No 94488, LAAS/CNRS, Toulouse, December 1994. (In French).
	10	J. da Silva Fraga, D. Powell, "A Fault- and Intrusion- Tolerant File System", Proc. of the 3rd International Conference on Computer Security, IFIP/SEC '85, Dublin, Ireland, Aug. 1985. pp. 203-218.
	11	C. J. Date, An introduction to database systems: vol. 1 (5th ed.), Addison-Wesley Longman Publishing Co., Inc., Boston, MA, 1990
	12	D. E. Denning: "Secure Databases and Safety: Some unexpected conflicts," pp. 101-111 in T. Anderson (editor): Safe & Secure Computing Systems, Blackwell Scientific Publications, ISBN 0-632-01819-4, 1989.
	13	Dorothy E. Denning, A new paradigm for trusted systems, Proceedings on the 1992-1993 workshop on New security paradigms, p.36-41, August 1993, Little Compton, Rhode Island, United States [doi>10.1145/283751.283772]
	14	Y. Deswarte, L. Blain, J-C. Fabre, "Intrusion Tolerance in Distributed Computer Systems", IEEE Symposium on Security and Privacy, IEEE Computer Society Press, 1991. pp. 110-121.
	15	J. Dobson, J. McDermid, B. Randell: "On the Trustworthiness of Computer Systems", ESPRIT/BRA Project 3092 Technical Report Series No. 14, 1990.
	16	Federal Criteria for Information Security Technology, Draft, National Institute of Standards and technology (NIST) and National Security Agency (NSA), 1992.
	17	G. Graham, P. Denning, "Protection - Principles and Practice", Proc. 1972 AFIPS Spring Joint Computer Conference, AFIPS Press. pp. 417-429.
	18	Ulf Gustafson , Erland Jonsson , Tomas Olovsson, On the modelling of preventive security based on a PC network intrusion experiment, Proceedings of the First Australasian Conference on Information Security and Privacy, p.242-252, June 24-26, 1996
	19	D. Heimann, N. Mittal, K. Trivedi, "Dependability Modeling for Computer Systems" in Proc. of the Annual Reliability and Maintainability Symposium, 1991. pp. 120-127.
	20	International Standards Organization: Information Processing Systems - Open Systems Interconnection - Basic Reference Model, part 2: Security Architecture 7498/2.
	21	Information Technology Security Evaluation Criteria (ITSEC), Provisional Harmonized Criteria, December 1993. ISBN 92-826-7024-4.
	22	Japanese Computer Security Evaluation Criteria - Functionality Requirements, Draft version 1.0, Ministry of International Trade and Industry (MITI), 1992.
	23	E. Jonsson, T. Olovsson, "On the Integration of Security and Dependability in Computer Systems", iASTED International Conference on Reliability, Quality Control and Risk Assessment, Washington, Nov. 4-6, 1992. ISBN 0-88986-171-4, pp. 93-97.
	24	E. Jonsson, "A Unified Approach to Dependability Impairments in Computer Systems", IASTED International Conference on Reliability, Quality Control and Risk Assessment, Cambridge, MA, Oct. 18-20 1993, ISBN 0-88986-181-1, pp. 173-178.
	25	E. Jonsson, M. Andersson, S. Asmussen, "A Practical Dependability Measure for Degradable Computer Systems with Non-exponential Degradation", Proceedings of the IFAC Symposium on Fault Detection, Supervision and Safety for Technical Processes, SAFEPRO- CESS'94, Espoo, Finland, vol. 2, June 13-15, 1994. pp. 227-233.
	26	Erland Jonsson , Mikael Andersson, On the quantitative assessment of behavioural security, Proceedings of the First Australasian Conference on Information Security and Privacy, p.228-241, June 24-26, 1996
	27	Erland Jonsson , Tomas Olovsson, A Quantitative Model of the Security Intrusion Process Based on Attacker Behavior, IEEE Transactions on Software Engineering, v.23 n.4, p.235-245, April 1997 [doi>10.1109/32.588541 ]
	28	M.K. Joseph: "Integration Problems in Fault-Tolerant, Secure Computer Design," pp. 347-364 in A.Avizienis. J.C. Laprie (editors): Dependable Computing for Critical Applications, Springer-Verlag, N.Y., ISBN 3-211- 82249-6, 1991.
	29	J. M. Juran, "Juran's Quality Control Handbook" 4th ed., McGraw-Hill, N.Y., 1988. ISBN 0-07-033176-6. pp. 2.8ff.
	30	Butler W. Lampson, Protection, ACM SIGOPS Operating Systems Review, v.8 n.1, p.18-24, January 1974 [doi>10.1145/775265.775268]
	31	Carl E. Landwehr, Formal Models for Computer Security, ACM Computing Surveys (CSUR), v.13 n.3, p.247-278, Sept. 1981 [doi>10.1145/356850.356852]
	32	J. C. Laprie, A. Costes: "Dependability: A unifying concept for reliable computing", in Proc. 12th IEEE International Symposium on Fault-Tolerant Computing (FTCS-12), June 1982, pp 18-21.
	33	J.C. C. Laprie , A. Avizienis , H. Kopetz, Dependability: Basic Concepts and Terminology, Springer-Verlag New York, Inc., Secaucus, NJ, 1992
	34	B. Littlewood, S. Brocklehurst, N.E. Fenton, P. Mellor, S. Page, D. Wright, J.E. Dobson, J.A. McDermid and D. Gollmann, "Towards Operational Measures of Computer Security", Journal of Computer Security, vol. 2, no. 3. 1994.
	35	J. McDermid, "On Dependability, Its Measurement and Its Management", in High Integrity Systems, Vol. 1, No. 1, 1994, Oxford University Press, pp. 17-26.
	36	Sead Muftic, Security mechanisms for computer networks, Halsted Press, New York, NY, 1989
	37	Peter G Neumann: "Computer system security evaluation", in 1978 National Computer Conference, AFIPS Conf. Proceedings 47, Arlington, VA, pp 1087-1095.
	38	National Institute of Standards and Technology: Glossary of Computer Security Terms, NSC-TG-O04 version. 1, ("Aqua Book"), Oct. 21, 1988.
	39	Glenford J. Myers, Art of Software Testing, John Wiley & Sons, Inc., New York, NY, 1979
	40	T. Olovsson, E. Jonsson, S. Brocklehurst, B. Littlewood: "Data Collection for Security Fault Forecasting: Pilot Experiment", Technical Report No 167, Department of Computer Engineering, Chalmers University of Technology, 1992 and ESPRIT/BRA Project No 6362 (PDCS2) First Year Report, Toulouse Sept. 1993, pp 515-540.
	41	T. Olovsson, E. Jonsson, S. Brocklehurst, B. Littlewood: "Towards Operational Measures of Computer Security: Experimentation and Modelling", Technical Report No 236, Department of Computer Engineering, Chalmers University of Technology, 1995 and in B. Randell et al. (editors.): Predictably Dependable Computing Systems, ESPRIT Basic Research Series, Springer Verlag, 1995, ISBN 3-540-59334-9, pp 555- 572.
	42	G. Rubino, B. Sericola, "Successive Operational Periods as Measures of Dependability" in Dependable Computing for Critical Applications (editors A. Avizieniz et al.), Springer Verlag, ISBN 3-211-82249-6, 1991, pp. 239-254.
	43	Ravi S. Sandhu, The Typed Access Matrix Model, Proceedings of the 1992 IEEE Symposium on Security and Privacy, p.122, May 04-06, 1992
	44	B. C. Soh, T. S. Dillon," System Intrusion Detection: Model, Design and Analysis", Pacific Rim International Symposium on Fault-Tolerant Computing, Dec. 16-17, 1993, (PRFTS' 93), Melbourne, Australia, CRT Publishing Ltd, London. pp. 85-90.
	45	D.E Sterne, "On the Buzzword Security Policy", IEEE Symposium on Security & Privacy, 1991, pp. 219 - 230.
	46	Trusted Computer System Evaluation Criteria ("orange book"), National Computer Security Center, Department of Defense, No DOD 5200.28.STD, 1985.

CITED BY 3

	Brian Whitworth , Jerry Fjermestad , Edward Mahinda, The web of system performance, Communications of the ACM, v.49 n.5, p.92-99, May 2006
	Marco D. Aime , Andrea Atzeni , Paolo C. Pomi, AMBRA: automated model-based risk analysis, Proceedings of the 2007 ACM workshop on Quality of protection, October 29-29, 2007, Alexandria, Virginia, USA
	Erland Jonsson , Lars Strömberg , Stefan Lindskog, On the functional relation between security and dependability impairments, Proceedings of the 1999 workshop on New security paradigms, p.104-111, September 22-24, 1999, Caledon Hills, Ontario, Canada

INDEX TERMS

Primary Classification:
K. Computing Milieux
K.6 MANAGEMENT OF COMPUTING AND INFORMATION SYSTEMS

Additional Classification:
K. Computing Milieux
K.6 MANAGEMENT OF COMPUTING AND INFORMATION SYSTEMS
K.6.4 System Management
Subjects: Quality assurance

General Terms:
Reliability, Security

Keywords:
computer security, concepts, confidentiality, dependability, measure, modellings

Collaborative Colleagues:

Erland Jonsson: colleagues

Peer to Peer - Readers of this Article have also read:

Open signaling for ATM, internet and mobile networks (OPENSIG'98) ACM SIGCOMM Computer Communication Review 29, 1
Andrew T. Campbell , Irene Katzela , Kazuho Miki , John Vicente
Active bridging ACM SIGCOMM Computer Communication Review 27, 4
D. Scott Alexander , Marianne Shaw , Scott M. Nettles , Jonathan M. Smith
Active electronic mail Proceedings of the 2002 ACM symposium on Applied computing
S. Karnouskos , A. Vasilakos
Object-oriented database management system for process control systems—development and evaluation Proceedings of the 1999 ACM symposium on Applied computing
Ryuji Wakizono , Toshikazu Kawamura , Takehiko Tsuchiya , Takahiro Hatanaka , Tatsuji Tanaka
Data structures for quadtree approximation and compression Communications of the ACM 28, 9
Hanan Samet

Adobe Acrobat

QuickTime

Windows Media Player

Real Player