Access Control, Security, and Trust A Logical Approach

ISBN-10: 1584888628
ISBN-13: 9781584888628
Edition: 2010
Buy it from $115.53
eBook available
This item qualifies for FREE shipping

*A minimum purchase of $35 is required. Shipping is provided via FedEx SmartPost® and FedEx Express Saver®. Average delivery time is 1 – 5 business days, but is not guaranteed in that timeframe. Also allow 1 - 2 days for processing. Free shipping is eligible only in the continental United States and excludes Hawaii, Alaska and Puerto Rico. FedEx service marks used by permission."Marketplace" orders are not eligible for free or discounted shipping.

30 day, 100% satisfaction guarantee

If an item you ordered from TextbookRush does not meet your expectations due to an error on our part, simply fill out a return request and then return it by mail within 30 days of ordering it for a full refund of item cost.

Learn more about our returns policy

Description: Using propositional modal logic to explain access control principles, this workprovides the mathematical means to comprehend, analyze, create and verify the policies and control mechanisms used to protect resources. It starts with a preliminary  More...

New Starting from $124.60
eBooks Starting from $50.95
Rent
Buy
what's this?
Rush Rewards U
Members Receive:
coins
coins
You have reached 400 XP and carrot coins. That is the daily max!
You could win $10,000

Get an entry for every item you buy, rent, or sell.

Study Briefs

Limited time offer: Get the first one free! (?)

All the information you need in one place! Each Study Brief is a summary of one specific subject; facts, figures, and explanations to help you learn faster.

Add to cart
Study Briefs
History of Western Art Online content $4.95 $1.99
Add to cart
Study Briefs
History of World Philosophies Online content $4.95 $1.99
Add to cart
Study Briefs
American History Volume 1 Online content $4.95 $1.99
Add to cart
Study Briefs
History of Western Music Online content $4.95 $1.99

Customers also bought

Loading
Loading
Loading
Loading
Loading
Loading
Loading
Loading
Loading
Loading

Book details

Copyright year: 2010
Publisher: CRC Press LLC
Publication date: 7/26/2010
Binding: Hardcover
Pages: 352
Size: 6.50" wide x 9.75" long x 1.00" tall
Weight: 1.386

Using propositional modal logic to explain access control principles, this workprovides the mathematical means to comprehend, analyze, create and verify the policies and control mechanisms used to protect resources. It starts with a preliminary introduction and then covers distributed access control, resources and sharing, and security monitors, the latter of which serves as a bridge to classical security models. While structured as a text for advanced undergraduates and graduate students, the book also meets the reference needs of those computer engineers, computer scientists, and information technologists responsible for designing, implementing, and verifying computer and information systems.

List of Tables
List of Figures
Preface
Access Control, Security, Trust, and Logic
Deconstructing Access-Control Decisions
A Logical Approach to Access Control
Preliminaries
A Language for Access Control
Sets and Relations
Notation
Approaches for Mathematical Proofs
Syntax
Principal Expressions
Access-Control Statements
Well-Formed Formulas
Semantics
Kripke Structures
Semantics of the Logic
Summary
Further Reading
Reasoning about Access Control
Logical Rules
The Taut Rule
The Modus Ponens Rule
The Says Rule
The MP Says Rule
The Speaks For Rule
The & Says and Quoting Rules
Properties of →
The Equivalence Rule
The Controls Definition
Formal Proofs and Theorems
Soundness of Logical Rules
Summary
Further Reading
Basic Concepts
Reference Monitors
Access-Control Mechanisms: Tickets and Lists
Tickets
Lists
Logical and Pragmatic Implications
Authentication
Two-Factor Authentication
Using Credentials from Other Authorities
Groups
Summary
Further Reading
Security Policies
Confidentiality, Integrity, and Availability
Discretionary Security Policies
Mandatory Security Policies
Military Security Policies
Extending the Logic with Security levels
Expressing Military Security Policies
Military Security Policies: An Extended Example
Commercial Policies
Extending the Logic with Integrity Levels
Protecting Integrity
Strict Integrity
An Extended Example of a Strict Integrity Policy
Summary
Further Reading
Distributed Access Control
Digital Authentication
Public-Key Cryptography
Efficiency Mechanisms
Cryptographic Hash Functions
Data-Encryption Keys
Digital Signatures
Reasoning about Cryptographic Communications
Certificates, Certificate Authorities, and Trust
Symmetric-Key Cryptography
Summary
Further Reading
Delegation
Simple Delegations
Delegation and Its Properties
A Delegation Example: Simple Checking
Formal Definitions of Checks
Bank Policies on Checks
Operating Rules for Checks
Summary
Further Reading
Networks: Case Studies
SSL and TLS: Authentication across the Web
Handshake Protocol
Record Protocol
Kerberos: Authentication for Distributed Systems
Initial Authentication Requests
Requests for Service-Specific Tickets
Requests for Services
Proxiable Tickets
Financial Networks
Electronic Clearinghouses
Bank Authorities, Jurisdiction, and Policies
Bank Operating Rules
Summary
Further Reading
Isolation and Sharing
A Primer on Computer Hardware
Ones and Zeros
Synchronous Design
Synchronous Registers
Registers with Load Control
Registers with Tri-State Outputs
Combinational Logic and Functions
Arithmetic Logic Units
Microcode
Data Paths and Control Paths
Microprogramming
Summary
Further Reading
Virtual Machines and Memory Protection
A Simple Processor
Processor Components
Machine Instructions
Processors with Memory Segmentation
Segmentation Using a Relocation Register
Processor State and Instructions
Program Status Word
Traps
Controlling Access to Memory and Segmentation Registers
Access to Program Memory
Implementation Details
Access to the Relocation Register
Setting the Mode Bit
Design of the Virtual Machine Monitor
Privileged Instructions
Sensitive Instructions
Virtualizable Processor Architectures
Summary
Further Reading
Access Control Using Descriptors and Capabilities
Address Descriptors and Capabilities
Tagged Architectures
Capability Systems
Catalogs
Creating New Segments
Dynamic Sharing
Revocation of Capabilities
Summary
Further Reading
Access Control Using Lists and Rings
Generalized Addresses
Segment Access Controllers
ACL-Based Access Policy for Memory Accesses
Ring-Based Access Control
Access Brackets
Call Brackets
Summary
Further Reading
Access Policies
Confidentiality and Integrity Policies
Classifications and Categories
Bell-La Padula Model, Revisited
Confidentiality levels: Some Practical Considerations
Biba's Strict Integrity, Revisited
Lipner's Integrity Model
Commercial Integrity Requirements
Commercial Integrity via Bell-La Padula
Commercial Integrity via Bell-La Padula and Strict Integrity
Summary
Further Reading
Role-Based Access Control
RBAC Fundamentals
Role Inheritance
Sessions
Separation of Duty
Static Separation of Duty
Dynamic Separation of Duty
Representing RBAC Systems in the Logic
RBAC Extensions to the Logic
Translating RBAC into the Logic
Summary
Further Reading
Summary of the Access-Control Logic
Syntax
Core Rules, Derived Rules, and Extensions
Bibliography
Notation Index
General Index

×
Free shipping on orders over $35*

*A minimum purchase of $35 is required. Shipping is provided via FedEx SmartPost® and FedEx Express Saver®. Average delivery time is 1 – 5 business days, but is not guaranteed in that timeframe. Also allow 1 - 2 days for processing. Free shipping is eligible only in the continental United States and excludes Hawaii, Alaska and Puerto Rico. FedEx service marks used by permission."Marketplace" orders are not eligible for free or discounted shipping.

Learn more about the TextbookRush Marketplace.

×