Abstract
This paper addresses to the technique of security evaluation based on security attributes analysis in discretionary access control. A multi-level framework is built to calculate a set of effective user’s permissions automatically. Information about the effective access rights is necessary during security verification procedure. In this paper we also propose a schema of Security Evaluation System.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
http://www.kb.cert.org/vuls/id/181038 http://secunia.com/advisories/18255
Dillard, K., Maldonado, J., Warrender, B.: Microsoft Solutions for Security. Windows Server 2003 Security Guide. Microsoft (2003)
Common Criteriag. ISO/IEC 15408. Information technology. Security techniques. Evaluation criteria for IT security (2005)
Jajodia, S., Samarati, P., Subrahmanian, V.S.: A Logical Language for Expressing Authorizations. In: Proc. of the IEEE Symposium on Security and Privacy, IEEE Computer Society Press, Los Alamitos (1997)
Hoagland, J.A., Panday, R., Levitt, K.N.: Security Policy Specification Using a Graphical Approach. Tech. report CSE-98-3 (1998)
Dai, J., Alves-Foss, J.: A Formal Authorization Policy Model. Proc. Software Engineering Research & Applications (2003)
Ou, X., Govindavajhala, S., Appel, A.W.: MulVAL: A logic-based network security analyzer. In: 14th USENIX Security Symposium (2005)
Windows Access Control Demystified. Technical Report TR-744-06
Harrison, M.H., Ruzzo, W.L., Ullman, J.D.: Protection in operating systems. Communications of the ACM 19(8) (1976)
LaPadula, L.J., Bell, D.E.: Secure computer systems: A mathematical model, ESD-TR-278, V. 2, The Mitre Corp. (1973)
Ferraiolo, D., Kuhn, R.: Role-based access controls. In: Proc. of the 15th NIST-NCSC National Computer Security Conference (1992)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Zegzhda, P.D., Zegzhda, D.P., Kalinin, M.O. (2007). A New Approach to Security Evaluation of Operating Systems. In: Gorodetsky, V., Kotenko, I., Skormin, V.A. (eds) Computer Network Security. MMM-ACNS 2007. Communications in Computer and Information Science, vol 1. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-73986-9_22
Download citation
DOI: https://doi.org/10.1007/978-3-540-73986-9_22
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-73985-2
Online ISBN: 978-3-540-73986-9
eBook Packages: Computer ScienceComputer Science (R0)