Abstract
A number of formal models have been proposed for computer security, the best known being the Bell and LaPadula model. Formal models provide a solid foundation for security, making it possible to precisely specify security requirements, to reason with mathematical assurance about security issues and to prove security properties formally. However, most security models do not realistically reflect the complexity of current computer systems. The Path Context Model (PCM) is a recent formal security model attempting to solve this problem. A number of aspects of PCM have not yet been defined precisely. This paper starts by giving a formal definition of PCM. It is then shown that it is difficult to protect composite objects—objects consisting of other, less complex objects—with PCM. This problem can be solved by modifying PCM so that every level of such a composite object can do the access checks relevant to that level of the object. This is illustrated in the last section of the paper, where an object-based version of PCM is defined.
Original language | English |
---|---|
Pages (from-to) | 133-144 |
Number of pages | 12 |
Journal | International Journal of Computer Mathematics |
Volume | 49 |
Issue number | 3-4 |
Publication status | Published - 1 Jan 1993 |
Keywords
- Information security
- Path Context Model (PCM)
- formal grammars
- formal security model
- object-orientation
ASJC Scopus subject areas
- Computer Science Applications
- Computational Theory and Mathematics
- Applied Mathematics