ISCM information system conceptual model oriented to security problems and a tool implementing it
This paper deals with a new model of an information system. The model is strongly oriented to security problems and in particular it takes in account all the three parameters of availability, integrity and secrecy as stated in . To represent the system, the model defines entities for the system objects, actions for the interactions between them and activities for the system's functionalities.
Based on this model a tool has been created to implement it. Using this tool a system administrator can describe the system, discover security problems, make queries and perform non-intrusive security checks. This tool and the model which it is based on respond to the need for an advanced security management in an information system both of small and of large dimensions. This work was born to meet the network and security administrators needs collected in a preliminary interviewing phase.
Unable to display preview. Download preview PDF.
- 1.Bussolati U., Fugini N., Martella G.:A conceptual framework for security systems: the action-entity model,IFIP (1983)Google Scholar
- 2.Bell D.E., La Padula L.J.:Secure computer systems: mathematical foundations and model,ESD-TR-73-278Google Scholar
- 3.Castano S., Fugini M., Martella G.:Database security,Addison Wesley (1995)Google Scholar
- 4.Curry D., Longstaff T. et al.:Site Security Handbook. Network Working Group,Request for Comments 1244 (1991)Google Scholar
- 5.Computer Security-Esorics 96. 4th European Symposium on Research in Computer Security,proceedings (1996)Google Scholar
- 6.Fugini M.G., Bellinzona R., Martella G.An Authorisation mechanism for Unixbased Cooperative Environments,Information Systems Vol. 16 No. 5 Pergamon Press (1991)Google Scholar
- 7.Landwehr C.E.:Formal models for computer security,ACM Computing Surveys 13 (3) (1981)Google Scholar
- 8.Siyan K., Hare CAnternet Firewalls and Network Security, New Riders Publishing (1995)Google Scholar