Secure monitoring model based on the Clark-Wilson integrity policies

作     者：Qing, Si-Han Wen, Hong-Zi Lei, Hao Wang, Jian 

作者机构：Eng. and Res. Ctr. Inst. of Software Chinese Acad. of Sci. Beijing 100080 China Graduate Sch. Chinese Acad. of Sci. Beijing 100039 China Lab. of Info. Security Inst. of Software Chinese Acad. of Sci. Beijing 100080 China Supercomputing Ctr. Comp. Network Info. Ctr. Chinese Acad. of Sci. Beijing 100080 China 

出 版 物：《Ruan Jian Xue Bao/Journal of Software》 (Ruan Jian Xue Bao)

年 卷 期：2004年第15卷第8期

页      面：1124-1132页

核心收录：

主　　题：Security of data 

摘      要：The redundant data in log files and the delay for detecting abnormal trails are the inherent problems existing in the traditional secure monitoring subsystem of a computer system. It is identified that the system security policies determine the logging data items in a secure monitoring function. By formally describing and analyzing the famous Clark-Wilson integrity policies with the corresponding relation patterns, the minimal logging data items set involved in these security policies is precisely determined. A formal secure monitoring model based on Clark-Wilson integrity policies (CW-SMM) is proposed. The CW-SMM has the characteristics of both minimal logging data and auto-detecting of the system abnormal trails in time, and can thoroughly solve the problems mentioned above.