Analyzing the security of an existing computer system
- Bishop, M.
- May 1, 1986.
- Physical Description:
- 1 electronic document
- Restrictions on Access:
- Unclassified, Unlimited, Publicly available.
- Most work concerning secure computer systems has dealt with the design, verification, and implementation of provably secure computer systems, or has explored ways of making existing computer systems more secure. The problem of locating security holes in existing systems has received considerably less attention; methods generally rely on thought experiments as a critical step in the procedure. The difficulty is that such experiments require that a large amount of information be available in a format that makes correlating the details of various programs straightforward. This paper describes a method of providing such a basis for the thought experiment by writing a special manual for parts of the operating system, system programs, and library subroutines.
- NASA Technical Reports Server (NTRS) Collection.
- Document ID: 19860023557.
Accession ID: 86N33029.
- No Copyright.
View MARC record | catkey: 15701616