As more business activities are being automated and an increasing number of computers are being used to store vital and sensitive information the need for secure computer systems becomes more apparent. These systems can be achieved only through systematic design; they cannot be achieved through haphazard seat-of-the-pants methods. This paper introduces some known threats to the computer securit...

In this chapter I present a process algebraic approach to the modelling of security properties and policies. I will concentrate on the concept of secrecy, also known as confidentiality, and in particular on the notion of non-interference. Non-interference seeks to characterise the absence of information flows through a system and, as such, is a fundamental concept in information security. A cen...

Until recently, computer security was an obscure discipline that seemed to have little relevance to everyday life. With the rapid growth of the Internet, e-commerce, and the widespread use of computers, computer security touches almost all aspects of daily life and all parts of society. Even those who do not use computers have information about them stored on computers. This paper reviews some ...

Traditionally, computer security has focused on containing the effects of malicious users or malicious programs. However, as programs become more complex, an additional threat arises: malicious data. This threat arises because apparently benign programs can be made malicious, or subverted, by introduction of an attacker’s data—data that is interpreted as instructions by the program to perform a...

Historically, computer security has its roots in the military domain with its hierarchical structures and clear and normative rules that are expected to be obeyed (Adams & Sasse, 1999). The technical expertise necessary to administer most security tools stems back to the time where security was the matter of trained system administrators and expert users. A considerable amount of money and expe...

Details of a planning study for USAF computer security requirements are presented. An Advanced development and Engineering program to obtain an open-use, multilevel secure computing capability is described. Plans are also presented for the related developments of communications security products and the interim solution to present secure computing problems. Finally a Exploratory development pla...

The first of my four lectures on the logical foundations of computer security will establish the mathematical setting in which we will work, namely computational type theory. In this setting we can pursue algorithmic ideas from their natural expression in computer science articles to their codification in executable systems and finally to their incorporation into formal arguments that a system ...

This paper studies the issue of using the wearable computer as a remote sensing device of a large-scale factory. The infrastructure of ubiquitous security environment to realize the remote sensing capability for the security guard is presented in this paper. This paper also scheme out a wearable computing scenario for the security guard under such a ubiquitous security environment. That is, thr...