Bestimmung der Sicherheit durch formale Ansätze

Schmitz, Roland; Kriha, Walter

doi:10.1007/978-3-540-78959-8_14

Bestimmung der Sicherheit durch formale Ansätze

Roland Schmitz³ &
Walter Kriha³

Chapter
First Online: 01 January 2009

2974 Accesses

Part of the book series: Xpert.press ((XPERT.PRESS))

This is a preview of subscription content, log in via an institution.

eBook: USD 19.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

M. Bleyh, Modellierung operationaler Aspekte von Systemarchitekturen, Diplomarbeit an der Hochschule der Medien 2006, Präsentation downloadbar unter http://www.kriha.de/krihaorg/dload/bleyh.pdf
Google Scholar
M. Bishop, Computer Security – Art and Science, MacMillan Technical Publishing 2002
Google Scholar
W.E. Boebert, On the Inability of an Unmodified Capability Machine to Enforce the *-Property, 7th DOD/NBS Computer Security Conference, 1984, http://zesty.ca/capmyths/boebert.html
Google Scholar
H. Gallaire, J. Minker (eds), Logic and Data Bases. Perseus Publishing, 1978, 0.1.3
Google Scholar
N. Hardy, The confused deputy: (or why capabilities might have been invented), SIGOPS Oper. Syst. Rev. 22(4), (1988), 36–38
Article Google Scholar
G. Heiser, The Role of Virtualization in Embedded Systems, 1st Workshop on Isolation and Integration in Embedded Systems, Glasgow, UK, April, 2008, http://www.ertos.nicta.com.au/publications/papers/Heiser_08.pdf
Google Scholar
G. Heiser, K. Elphinstone, I. Kuz, G. Klein, S.M. Petters, Towards Trustworthy Computing Systems: Taking Microkernels to the Next Level. ACM Operating Systems Review, 41(4), (July, 2007), 3–11, http://ertos.nicta.com.au/publications/papers/Heiser_EKKP_07.pdf
Google Scholar
M. Hafner, R. Mair, R. Breu, B. Agreiter, S. Unterthiner, T. Schabetsberger, HEALTH@NET – Die Verteilte Elektronische Gesundheitsakte. Eine Fallstudie in Modell-Getriebenem Security Engineering. In: Innovationsmotor IT-Sicherheit, Tagungsband zum 10. Deutschen IT-Sicherheitskongress, BSI Bonn, 2007
Google Scholar
R.J. Hansen, M.L. Patterson: Guns and Butter: Towards Formal Axioms of Input Validation, http://www.blackhat.com/presentations/bh-usa-05/BH_US_05-Hansen-Patterson/HP2005.pdf
Google Scholar
M. Harrison, W. Ruzzo, J. Ullman, Protection in Operating Systems, Communications of the ACM 19 (8), (1976), 461-471
Article MATH MathSciNet Google Scholar
J. Jürjens, Secure Systems Development with UML, Springer 2005
Google Scholar
B.W. Lampson: A note on the confinement problem. Commun. ACM 16(10) (1973) 613–615
Article Google Scholar
M.S. Miller, J. Shapiro, Paradigm Regained: Abstraction Mechanisms for Access Control. In: 8^th Asian Computing Science Conference (ASIAN03), (December 2003) 224–242
Google Scholar
M.S.Miller, M.Stiegler, T.Close, B.Frantz, K.P.Yee, C. Morningstar, J.Shapiro, N.Hardy, Tribble, E.D., Barnes, D., Bornstien, D., Wilcox-O’Hearn, B., Stanley, T., Reid, K., Bacon, D.: E: Open source distributed capabilities (2001) Available at http://www.erights.org.
Google Scholar
J. H. Saltzer, M.D. Schroeder, The Protection of Information in Computer Systems, 1973, online verfügbar unter http://www.cs.virginia.edu/∼evans/cs551/saltzer/
Google Scholar
M. Schmidt, Host Intrusion Detection Systeme, Diplomarbeit an der Hochschule der Medien, 2007, Kapitel 4: Ausnutzen mehrfachen Encodings
Google Scholar
J. Shapiro, The Practical Application of a Decidable Access Model. SRL Technical Report SRL 2000-01, Johns Hopkins University, http://srl.cs.jhu.edu/pubs/SRL2003-04.pdf
Google Scholar
F. Spiessens, M. Miller, P. Van Roy, J. Shapiro, Authority Reduction in Protection Systems. http://www.info.ucl.ac.be/∼fsp/ARS.pdf, 2004
Google Scholar
F. Spiessens, Patterns of Safe Collaboration. PhD thesis, Université catholique de Louvain, Louvainla-Neuve, Belgium (February 2007)
Google Scholar
S. Strobel, Applikationssicherheit – mehr als Härten und Patchen von Syste-men, http://www.cirosec.de/deutsch/presse/veroeffentlichungen/ Applikationsssicherheit.html
Google Scholar
http://www.technicalinfo.net/papers/CSS.html
Google Scholar
M. V. Tripunitara, N. Li, The Foundational Work of Harrison-Ruzzo-Ullmann Revisited, Dept. of Computer Science, Purdue University
Google Scholar
P. van Roy, F. Spiessens, A Practical Formal Model for Safety Analysis in Capability Based Systems, In: TGC 2005, Volume 3705 of Lecture Notes in Computer Science, Springer-Verlag 2005, 248–278
Google Scholar
P. van Roy, S. Haridi, Concepts, Techniques and Models of Computer Programming, 2004, MIT Press
Google Scholar
D.S.Wallach, D. Balfanz, D.Dean, E.W. Felten.: Extensible security architectures for java. In: Proceedings of the sixteenth ACM symposium on Operating systems principles, ACM Press (1997) 116–128
Google Scholar

Download references

Author information

Authors and Affiliations

Hochschule der Medien, FH Stuttgart, Nobelstraße 10, 70569, Stuttgart, Deutschland
Roland Schmitz & Walter Kriha

Authors

Roland Schmitz
View author publications
You can also search for this author in PubMed Google Scholar
Walter Kriha
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Walter Kriha .

Rights and permissions

Reprints and permissions

Copyright information

About this chapter

Cite this chapter

Schmitz, R., Kriha, W. (2009). Bestimmung der Sicherheit durch formale Ansätze. In: Sichere Systeme. Xpert.press. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-78959-8_14

Download citation

DOI: https://doi.org/10.1007/978-3-540-78959-8_14
Published: 28 March 2009
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-78958-1
Online ISBN: 978-3-540-78959-8
eBook Packages: Computer Science and Engineering (German Language)

Publish with us

Policies and ethics

Buying options