The conventional wisdom is that security priorities should be set by risk analysis. However, reality is subtly different: many computer security systems are at least as much about ...
The `Need to Know' concept is often quoted but rarely defined in the literature. In general the principle directs that unless an individual has a specific reason to have acce...
In this paper we describe a new class of tools for protecting computer systems from security attacks. Their distinguished feature is the principle they are based on. Host or netwo...