Using Proven Reference Monitor Patterns for Security Evaluation

The most effective approach to evaluating the security of complex systems is to deliberately construct the systems using security patterns specifically designed to make them evaluable. Just such an integrated set of security patterns was created decades ago based on the Reference Monitor abstraction...


Bibliographic Details
Main Authors: Mark R. Heckman, Roger R. Schell
Format: Article
Language: English
Published: MDPI AG 2016-04-01
Series: Information
Subjects: TNI
Online Access: http://www.mdpi.com/2078-2489/7/2/23
Affiliations: Mark R. Heckman, Center for Cyber Security Engineering and Technology, University of San Diego, San Diego, CA 92110, USA; Roger R. Schell, Aesec Corporation, Palo Alto, CA 94301, USA
ISSN: 2078-2489
DOI: 10.3390/info7020023
Abstract: The most effective approach to evaluating the security of complex systems is to deliberately construct the systems using security patterns specifically designed to make them evaluable. Just such an integrated set of security patterns was created decades ago based on the Reference Monitor abstraction. An associated systematic security engineering and evaluation methodology was codified as an engineering standard in the Trusted Computer System Evaluation Criteria (TCSEC). This paper explains how the TCSEC and its Trusted Network Interpretation (TNI) constitute a set of security patterns for large, complex and distributed systems and how those patterns have been repeatedly and successfully used to create and evaluate some of the most secure government and commercial systems ever developed.
Keywords: security pattern; Reference Monitor; security kernel; TCSEC; Orange Book; TNI; Mandatory Access Control (MAC)