A Comment on the 'Basic Security Theorem' of Bell and LaPadula
نویسنده
چکیده
Many claim that the security model developed by Bell and LaPadula and used as a basis for numerous prototype military computer systems is superior to others partly because its authors prove a "Basic Security Theorem" that applies to it. This paper shows that the theorem does not support such claims since it can be proven for security models that are obviously not secure. Further, the theorem provides little help to those who design and implement secure systems.
منابع مشابه
Authorization and antichains
Access control has been an important issue in military systems for many years and is becoming increasingly important in commercial systems. There are three important access control paradigms: the Bell-LaPadula model, the protection matrix model and the role-based access control model. Each of these models has its advantages and disadvantages. Partial orders play a significant part in the role-b...
متن کاملA full formalisation of the Bell and La Padula security model
Information access control programs are based on a security policy model. Flaws in them may come from a lack of precision or some incoherences in the policy model or from inconsistencies between the model and the code. In this paper, we build a full mechanized formalization of the well-known Bell and LaPadula policy model, checking all the steps of the proofs. Then, we derive automatically a pr...
متن کاملAbout Security Models
A method for evaluating security models is developed and applied to the model of Bell and LaPadula. The method shows the inadequacy of the Bell and LaPadula model, in particular,and the impossibilityof any adequate definitionof a secure system based solely on the notion of a secure state. The implications for the fruitfulnessof seeking a global definition of a secure system and for the state of...
متن کاملA Case - Study of Security Policy for Manual and Automated Systems
The assumptions underlying security policy models, such as the Bell-LaPadula model, are usually not explicitly stated. This has led to several common misconceptions about this model and its scope. A comparison of manual and automated systems is used to demonstrate the derivation of the Bell-LaPadula ?property (pronounced star-property) for automated systems and its analog for manual systems. Th...
متن کاملA Security Model for Military Message Systems: Retrospective
2 Military systems that process classified information must operate in a secure manner; that is, they must adequately protect information against unauthorized disclosure, modification, and withholding. A goal of current research in computer security is to facilitate the construction of multilevel secure systems, systems that protect information of different classifications from users with diffe...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- Inf. Process. Lett.
دوره 20 شماره
صفحات -
تاریخ انتشار 1985