Этот проект демонстрирует каким образом законные требования секретности могут быть технически внедрены в систему. Первые тесты реализованной нами системы со сценарием воображаемой больницы продемонстрировали, как может быть расширена секретность. Концепция GFAC позволяет комбинировать политику секретности с политикой, стоящей на страже более специфических требований секретности в отношении некоторых программ. В будущем мы планируем подвергнуть анализу простоту перевода ADF- и ACI-модулей на другие системные платформы. Кроме того, системная концепция должна быть проверена в реальной среде приложений.
Литература:
[Abrams et al. 1990] Marshall Abrams, K.Eggers, L.LaPadula, I.Olson, "A Generalized Framework for Access Control: An Informal Description", Proceedings of the 13th National Computer Security Conference, Washington, October 1990.
[Clark/ Wilson 1987] David Clark, David Wilson, "A Comparison of Commercial and Military Computer Security Policies", Proceedings of the IEEE Computer Society Symposium on Security and Privacy, Oakland, 1987.
[Common Criteria 1998] Common Criteria Editorial Board: Common Criteria for Information Technology Security Evaluation, Version 2.0, May 1998.
[Ferraiolo/Kuhn 1992] David Ferraiolo, Richard Kuhn, "Role-Based Access Controls", Proceedings of the 15th National Computer Security Conference, Baltimore MD, October 1992.
[Fischer-Hu"bner 1994] Simone Fischer-Hu"bner, "Towards a Privacy-Friendly Design and Usage of IT-Security Mechanisms", Proceedings of the 17th National Computer Security Conference, Baltimore MD, October 1994.
[Fischer-Hu"bner 1995] Simone Fischer-Hu"bner, "Considering Privacy as a Security-Aspect: A Formal Privacy-Model", DASY-Papers No. 5/95, Institute of Computer and System Sciences, Copenhagen Business School, 1995.
[Fischer-Hu"bner 1997a] Simone Fischer-Hu"bner, "Privacy at Risk in the Global Information Society", in: Jacques Berleur and Diane Whitehouse, Eds., 'An ethical global information society: Culture and democracy revisited', Proceedings of the IFIP-WG9.2/9.5 Corfu International Conference, May 8-10, 1997, Chapman &Hall, 1997.
[Fischer-Hu"bner 1997b] Simone Fischer-Hu"bner, "A Formal Task-based Privacy Model and its Implementation: An updated Report", Proceedings of the Second Nordic Workshop on Secure Computer Systems NORDSEC'97, Helsiniki, November 6-7, 1997.
[LaPadula 1995] Leonard LaPadula, "Rule-Set Modelling of Trusted Computer System", Essay 9 in: M.Abrams, S.Jajodia, H. Podell, "Information Security - An integrated Collection of Essays", IEEE Computer Society Press, 1995.
[Ott 1997] Amon Ott, "Regel-basierte Zugriffskontrolle nach dem Generalized Framework for Access Control-Ansatz am Beispiel Linux", Universita"t Hamburg, Fachbereich Informatik,
http://agn-www.informatik.uni-hamburg.de/people/1ott/rsbac/eng.htm (08/May/2000: New location at http://www.rsbac.org).
[Registratiekamer et al. 1995] Registratiekamer, The Netherlands & Information and Privacy Commissioner /Ontario, Canada: "Privacy-Enhancing Technologies: The Path to Anonymity", Vol.1, August 1995.
[Sobirey et al. 1997] Michael Sobirey, Simone Fischer-Hu"bner, Kai Rannenberg, "Pseudonymous Auditing for a Privacy-Enhanced Intrusion Detection", Proceedings of the IFIP TC-11 Sec'97-Conference "Information Security in Research and Business", Copenhagen, May 14-16, Eds: L.Yngstroem, J.Carlsen, Capman&Hall, 1997.