Some Conundrums Concerning Separation of Duty

13 years 8 months ago

Download www.gammassl.co.uk

This paper examines some questions concerning commercial computer security integrity policies. We give an example of a dynamic separation of duty policy which cannot be implemented by TCSEC based mechanisms alone, yet occurs in the real commercial world, and can be implemented efficiently in practice. We examine and describe a commercial computer security product in wide use for ensuring the integrity of financial transactions, show that it implements a well defined and sensible integrity policy that includes separation of duty, yet fails to meet either the TCSEC criteria or the Clark and Wilson rules.

M. J. Nash, K. R. Poland

Real-time Traffic

Integrity | Security Integrity Policies | Security Privacy | Sensible Integrity Policy | SP 1990 |

claim paper

Post Info
More Details (n/a)

Added	11 Aug 2010
Updated	11 Aug 2010
Type	Conference
Year	1990
Where	SP
Authors	M. J. Nash, K. R. Poland

Comments (0)

Sciweavers

Some Conundrums Concerning Separation of Duty

Integrity | Security Integrity Policies | Security Privacy | Sensible Integrity Policy | SP 1990 |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers