F Glossary
Pages 286-302



From page 286...
... Access level A level associated with a subject (e.g., a clearance level) or with an object (e.g., a classification level)
From page 287...
... Bell and La Padula model An information-flow security model couched in terms of subjects and objects and based on the concept that information shall not flow to an object of lesser or noncomparable classification (Bell and La Padula, 1976).
From page 288...
... , and against which the product or system can be evaluated. Clark-Wilson integrity model An approach to providing data integrity for common commercial activities, including software engineering concepts of abstract data types, separation of privilege, allocation of least privilege, and nondiscretionary access control (Clark and Wilson, 1987).
From page 289...
... CoCom Coordinating Committee for Multilateral Export Controls, which began operations in 1950 to control export of strategic materials and technology to communist countries; participants include Australia, Belgium, Canada, Denmark, France, Germany, Greece, Italy, Japan, Luxembourg, the Netherlands, Norway, Portugal, Spain, Turkey, the United Kingdom, and the United States. COMPUSEC Computer security.
From page 290...
... Data Encryption Standard (DES) A popular secret-key encryption algorithm originally released in 1977 by the National Bureau of Standards.
From page 291...
... Discretionary access control (DAC) An access-control mechanism that permits subjects to specify the access controls, subject to constraints such as changes permitted to the owner of an object.
From page 292...
... Information Data to which meaning is assigned, according to context and assumed conventions. Information-flow control Access control based on restricting the flow of information into an object.
From page 293...
... Label A level associated with a subject or object and defining its clearance or classification, respectively. In TCSEC usage, the security label consists of a hierarchical security level and a nonhierarchical security category.
From page 294...
... 2. Access controls based on information sensitivity represented, for example, by security labels for clearance and classification (TCSEC usage, roughly RBAC and ADAC)
From page 295...
... Operating system A collection of software programs intended to directly control the hardware of a computer (e.g., input/output requests, resource allocation, data management), and on which all the other programs running on the computer generally depend.
From page 296...
... Contrast with private key, secret key. Public-key encryption An encryption algorithm that uses a public key to encrypt data and a corresponding secret key to decrypt data.
From page 297...
... Access control based on specific rules relating to the nature of the subject and object, beyond just their identities, such as security labels. Contrast with identity-based access control. See Mandatory access control.
From page 298...
... Simple security property An information-flow rule stating that a subject at a given security level can read only from an object with a security label that is the same or lower (Bell and La Padula, 1976).
From page 299...
... State machine In the classical model of a state machine, the outputs and the next state of the machine are functionally dependent on the inputs and the present state. This model is the basis for all computer systems.
From page 300...
... TCB See Trusted computing base. TCSEC The Department of Defense Trusted Computer System Evaluation Criteria (U.S.
From page 301...
... Virus A program, typically hidden, that attaches itself to other programs and has the ability to replicate. In personal computers, "viruses" are generally Trojan horse programs that are replicated by inadvertent human action.
From page 302...
... ZSI Zentralstelle für Sicherheit in der Informationstechnik. The German Information Security Agency (GISA)


This material may be derived from roughly machine-read images, and so is provided only to facilitate research.