NSPW

A method of treating several unspecified policies is presented. Precise notions of policy combination, policy conflict, conflict resolution, and policy precedence are introduced. Necessary and sufficient conditions for policies to be combined without ...

This paper addresses the problem of analysing an information system for security flaws or vulnerabilities in a way that is analogous to the analysis of a safety-critical system. In particular, instead of adopting the approach that security is a property ...

This paper addresses the problem of analysing an information system for security flaws or vulnerabilities in a way that is analogous to the analysis of a safety-critical system. In particular, instead of adopting the approach that security is a property ...

The shift by health care organizations to integrated care with an outpatient emphasis requires the development of a new generation of multifaceted electronic medical record systems to coordinate these services. This paper introduces the context of ...

An Electronic Medical Record (EMR) must provide a secure, permanent archive for an individual's medical records and also function as a multi-purpose database that supports the complex, varied activities of patient care. Meeting these objectives requires ...

Computer are finite discrete machines, the set of real numbers is an infinite continuum. So real numbers in computers are approximation. Rough set theory is the underlying mathematics. A “computer” version of Weistrass theorem states that every sequence,...

Computer are finite discrete machines, the set of real numbers is an infinite continuum. So real numbers in computers are approximation. Rough set theory is the underlying mathematics. A “computer” version of Weistrass theorem states that every sequence,...

This paper presents a new formal approach to the definition of confidentiality in multilevel logic databases. We regard a multilevel secure database as an extension of an open database which preserves the database-semantics. We give four definitions of ...

This paper questions some of the basic assumptions of computer security in the context of keeping secrets, and it finds some major discrepancies. It then proposes a new paradigm for functional security in computer systems.

The first conclusion of the ...

The development of a security system is generally performed through a multiphase methodology, starting from the initial preliminary analisys of the application environment, up to the physical implementation of the security mechanisms. In this framework, ...

Common security models provide protection in an hierarchical fashion (i.e. there is a trusted core with outer circles of less secure code and data). There is only one method of providing protection. This model makes it difficult to protect code and data ...

There is a wide disparity between cryptographic algorithms as specified by researchers and cryptographic algorithms as implemented in software applications. Programmers are prone to implement poor key management, make mistakes coding the algorithm, and ...

Conventional authorization models enforcing discretionary policies are based on authorizations which specify, for each user or group of users in the system, the accesses he is allowed to execute on objects. We propose a new authorization model which ...

We have developed a model of security and integrity for computer systems, the Versatile Integrity and Security Environment (VISE), which describes the basic functionality of these systems and which addresses data confidentiality and correctness of ...