Information Security:
An Integrated Collection of Essays

Edited by

Marshall D. Abrams
Sushil Jajodia
Harold J. Podell

IEEE Computer Society Press
Los Alamitos, California, USA

Table of Contents



Introduction | References | Glossary | Index

Part 1. Motivation

Essay 1. What Is There to Worry About? An Introduction to the Computer Security Problem
Donald L. Brinkley and Roger R. Schell

Essay 2. Concepts and Terminology for Computer Security
Donald L. Brinkley and Roger R. Schell

Essay 3. A Philosophy of Security Management
David Bailey

Essay 4. Malicious Software
Marshall D. Abrams and Harold J. Podell

Essay 5. Abstraction and Refinement of Layered Security Policy
Marshall D. Abrams and David Bailey

Part 2. Understanding and Working Security Issues

Essay 6. Evaluation Criteria for Trusted Systems
Roger R. Schell and Donald L. Brinkley

Essay 7. Information Security Policy
Ingrid M. Olson and Marshall D. Abrams

Essay 8. Formal Methods and Models
James G. Williams and Marshall D. Abrams

Essay 9. Rule-Set Modeling of a Trusted Computer System
Leonard J. LaPadula

Essay 10. Representative Organizations That Participate in Open Systems Security Standards Development
Harold J. Podell

Essay 11. Penetration Testing
Clark Weissman

Essay 12. Evaluation Issues
Marshall D. Abrams and Harold J. Podell

Essay 13. Supporting Policies and Functions
Marshall D. Abrams and Harold J. Podell

Essay 14. Security Engineering
Marshall D. Abrams, Harold J. Podell, and Daniel W. Gambel

Essay 15. Cryptography
Marshall D. Abrams and Harold J. Podell

Essay 16. Local Area Networks
Marshall D. Abrams and Harold J. Podell

Essay 17. Internet Privacy Enhanced Mail
Stephen T. Kent

Essay 18. Electronic Data Interchange (EDI) Messaging Security
Ted Humphreys

Part 3. Database Security

Essay 19. Architectures for MLS Database Management Systems
LouAnna Notargiacomo

Essay 20. Toward a Multilevel Secure Relational Data Model
Sushil Jajodia and Ravi S. Sandhu

Essay 21. Solutions to the Polyinstantiation Problem
Sushil Jajodia, Ravi S. Sandhu, and Barbara T. Blaustein

Essay 22. Integrity in Multilevel Secure Database Management Systems
Catherine Meadows and Sushil Jajodia

Essay 23. Multilevel Secure Database Management Prototypes
Thomas H. Hinke

Essay 24. Inference Problems in Multilevel Secure Database Management Systems
Sushil Jajodia and Catherine Meadows

Essay 25. Logical Design of Audit Information in Relational Databases
Sushil Jajodia, Shashi K. Gadia, and Gautam Bhargava

Essay 26. A Multilevel Secure Object-Oriented Data Model
Sushil Jajodia, Boris Kogan, and Ravi S. Sandhu

Essay 27. Integrity Mechanisms in Database Management Systems
Ravi S. Sandhu and Sushil Jajodia