Access Control, Security, and Trust

Access Control, Security, and Trust: A Logical Approach

Series:
Published:
Content:
Author(s):
Free Standard Shipping

Purchasing Options

Hardback
$104.95 $83.96
ISBN 9781584888628
Cat# C8628
Add to cart
SAVE 20%
eBook (VitalSource)
$104.95 $73.47
ISBN 9781584888635
Cat# CE8628
Add to cart
SAVE 30%
eBook Rentals
 

Features

  • Employs propositional modal logic to explain access control principles
  • Shows how to perform derivations and calculations with mathematical precision and accuracy
  • Focuses on reference monitors in security
  • Presents numerous examples ranging from the control of physical memory in hardware to multilevel security policies
  • Includes exercises that deal with application, analysis, synthesis, and evaluation
  • Offers HOL-4 implementation and slides for each chapter available for download on www.crcpress.com

Solutions manual available for qualifying instructors

Summary

Developed from the authors’ courses at Syracuse University and the U.S. Air Force Research Laboratory, Access Control, Security, and Trust: A Logical Approach equips readers with an access control logic they can use to specify and verify their security designs. Throughout the text, the authors use a single access control logic based on a simple propositional modal logic.

The first part of the book presents the syntax and semantics of access control logic, basic access control concepts, and an introduction to confidentiality and integrity policies. The second section covers access control in networks, delegation, protocols, and the use of cryptography. In the third section, the authors focus on hardware and virtual machines. The final part discusses confidentiality, integrity, and role-based access control.

Taking a logical, rigorous approach to access control, this book shows how logic is a useful tool for analyzing security designs and spelling out the conditions upon which access control decisions depend. It is designed for computer engineers and computer scientists who are responsible for designing, implementing, and verifying secure computer and information systems.

Table of Contents

Access Control, Security, Trust, and Logic
Deconstructing Access Control Decisions
A Logical Approach to Access Control

PRELIMINARIES
A Language for Access Control

Sets and Relations
Syntax
Semantics

Reasoning about Access Control
Logical Rules
Formal Proofs and Theorems
Soundness of Logical Rules

Basic Concepts
Reference Monitors
Access Control Mechanisms: Tickets and Lists
Authentication

Security Policies
Confidentiality, Integrity, and Availability
Discretionary Security Policies
Mandatory Security Policies
Military Security Policies
Commercial Policies

DISTRIBUTED ACCESS CONTROL
Digital Authentication
Public-Key Cryptography
Efficiency Mechanisms
Reasoning about Cryptographic Communications
Certificates, Certificate Authorities, and Trust
Symmetric-Key Cryptography

Delegation
Simple Delegations
Delegation and Its Properties
A Delegation Example: Simple Checking

Networks: Case Studies
SSL and TLS: Authentication across the Web
Kerberos: Authentication for Distributed Systems
Financial Networks

ISOLATION AND SHARING
A Primer on Computer Hardware
Ones and Zeros
Synchronous Design
Microcode

Virtual Machines and Memory Protection
A Simple Processor
Processors with Memory Segmentation
Controlling Access to Memory and Segmentation Registers
Design of the Virtual Machine Monitor

Access Control Using Descriptors and Capabilities
Address Descriptors and Capabilities
Tagged Architectures
Capability Systems

Access Control Using Lists and Rings
Generalized Addresses
Segment Access Controllers
ACL-Based Access Policy for Memory Accesses
Ring-Based Access Control

ACCESS POLICIES
Confidentiality and Integrity Policies

Classifications and Categories
Bell–La Padula Model, Revisited
Confidentiality Levels: Some Practical Considerations
Biba’s Strict Integrity, Revisited
Lipner’s Integrity Model

Role-Based Access Control
RBAC Fundamentals
Separation of Duty
Representing RBAC Systems in the Logic

Appendix: Summary of the Access Control Logic

Index

A Summary and Further Reading appear at the end of each chapter.

Author Bio(s)

Shiu-Kai Chin is a Meredith Professor in the Department of Electrical Engineering and Computer Science at Syracuse University. He is also director of the Center for Information and Systems Assurance and Trust. While at Syracuse, Dr. Chin has received the Outstanding Teacher Award, the Chancellor’s Citation for Outstanding Contributions to the University’s Academic Programs, and the Crouse Hinds Award for Excellence in Education.

Susan Older is an associate professor in the Department of Electrical Engineering and Computer Science at Syracuse University. She is also the program director for the Certificate of Advanced Study in Systems Assurance. Dr. Older’s research interests include programming-language semantics, logics of programs, formal methods, and information-assurance and computer science education.

Editorial Reviews

Focusing on the logic of access control, more than on actual computer programming, this volume is designed as a textbook for undergraduates. Each chapter ends with exercises and a concise description of expected learning outcomes. The authors, both in electrical engineering and computer science at Syracuse University, also teach an intensive summer course on access control for hundreds of ROTC cadets. It contains a useful selection of tables and figures, a notation index and a brief bibliography.
SciTech Book News, February 2011

 
Textbooks
Other CRC Press Sites
Featured Authors
STAY CONNECTED
Facebook Page for CRC Press Twitter Page for CRC Press You Tube Channel for CRC Press LinkedIn Page for CRC Press Google Plus Page for CRC Press Pinterest Page for CRC Press
Sign Up for Email Alerts
© 2014 Taylor & Francis Group, LLC. All Rights Reserved. Privacy Policy | Cookie Use | Shipping Policy | Contact Us