Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!uunet!mcsun!ukc!dcl-cs!aber-cs!athene!pcg
From: pcg@cs.aber.ac.uk (Piercarlo Grandi)
Newsgroups: comp.object
Subject: Re: Information Security and (vs?) object oriented programming
Message-ID:
Date: 8 Dec 90 22:03:11 GMT
References:
Sender: pcg@aber-cs.UUCP
Organization: Coleg Prifysgol Cymru
Lines: 29
Nntp-Posting-Host: teachh
In-reply-to: blk@mitre.org's message of 5 Dec 90 18:16:25 GMT

On 5 Dec 90 18:16:25 GMT, blk@mitre.org (Brian L. Kahn) said:

blk> I work in the field of computer security (compusec), also known as
blk> information security (infosec). There is about 10 years of literature
blk> in this community based on a notion of a "reference monitor", a small
blk> but omnipresent watchdog that enforces some access control policy.
blk> The reference monitor must OK any access to a data object by a
blk> subject, based upon permissions and rights attached to all subjects
blk> and objects.

[ ... ]

blk> Can anyone give me references to papers on infosec or access control
blk> in OOP? How about formal models (based in mathematics) for OOPLs?

Well, actually, under the name of "capability system" OO has been *the*
thing in infosec systems for quite a long time. I would suggest having a
look at some IEEE Comp. issue of old, on secure systems -- I don't
remember the year, but I think it was early eighties.

I especially recommend any paper about SCOMP. SCOMP is an OO capability
highly secure system, the only one to have so far achieved (publicly) the
A1 rating. It is implemented as an hw reference monitor implementing
secure objects in a Honeywell mini, and works as a sophisticated OO MMU.

There are loads of formal models for OOP secure systems. Just start with
any book on capability architectures, and you are on the right track.
--
Piercarlo Grandi                   | ARPA: pcg%uk.ac.aber.cs@nsfnet-relay.ac.uk
Dept of CS, UCW Aberystwyth        | UUCP: ...!mcsun!ukc!aber-cs!pcg
Penglais, Aberystwyth SY23 3BZ, UK | INET: pcg@cs.aber.ac.uk