Foundations and Overview

Jan 31 (Marks/Marceau) scribe notes:

B. W. Lampson
Proc. of the 5th Princeton Symposium on Information Sciences and Systems, pp. 437-443, March 1971

Feb 2 (Leo Meyerovich/Cooper) scribe notes:

J. H. Saltzer and M. D. Schroeder
The protection of information in computer systems
Proceedings of the IEEE, 63(9):1278-1308, September 1975  (Section 1A)

Feb 7 (Tschantz/Hopkins) scribe notes:

D. Elliott Bell and Len LaPadula
Secure Computer Systems: Mathematical Foundations (vol. 1)

Feb 9 (Yao/Mira Meyerovich) scribe notes:

John McLean
The Specification and Modeling of Computer Security
Computer, 1990

Feb 14 (Leen/Arnaudov):

Santosh Chokhani
Trusted products evaluation

Communications of the ACM, Volume 35, Issue 7 (July 1992)

Feb 16 (Berg/Marks) scribe notes:

Clark and Wilson
A Comparison of Commercial and Military Computer Security Policies

Richard E. Smith
Cost profile of a highly assured, secure operating system
ACM Transactions on Information and System Security 2001

Feb 21: Long Weekend marches on

Feb 23 (Eddon/Leo Meyerovich) scribe notes:

J. A. Goguen and J. Meseguer
Security Policies and Security Models
1982 IEEE Symposium on Security and Privacy

Feb 28 (Mira Meyerovich/Leen) scribe notes:

Martin Abadi, Michael Burrows, Butler Lampson, and Gordon Plotkin
Calculus for access control in distributed systems
Transactions on Programming Languages and Systems (TOPLAS), Volume 15, Issue 4 (September 1993)

Mar 2 (Hopkins/Berg) scribe notes:

Ravi Sandhu and Pierangela Samarati

Access Control: Principles and Practice

IEEE Communications Magazine, 1994

R. Sandhu et. al.
Role-Based Access Control Models
IEEE Computer, Vol. 29, No. 2, Feb 1996.

Sejong Oh and Ravi Sandhu
A model for role administration using organization structure

Proceedings of the seventh ACM symposium on Access control models and technologies, 2002

Apr 18 (Mira Meyerovich/Fisher) scribe notes:

Gustaf Neumann and Mark Strembeck
An approach to engineer and enforce context constraints in an RBAC environment

Elisa Bertino, Piero Andrea Bonatti and Elena Ferrari
TRBAC: A temporal role-based access control model

Policy Analysis

Mar 7 (Ge/Eddon) scribe notes:

Michael A. Harrison, Walter L. Ruzzo, and Jeffrey D. Ullman
Protection in operating systems
Communications of the ACM, 1976

Mar 9 (Kupcu/Fisher) scribe notes:

Apu Kapadia, Geetanjali Sampemane, and Roy H. Campbell

Know Why Your Access was Denied: Regulating Feedback for Usable Security
CSS'04, 2004

Refining Roles

Mar 21 (Fisher/Ge) scribe notes:

Jonathan D. Moffett and Emil C. Lupu

The uses of role hierarchies in access control
ACM workshop on Role-based access control, 1999

Information Flow

Mar 14 (Cooper/Tschantz):

Flow Analysis

Dorothy E. Denning
A Lattice Model of Secure Information Flow
Communications of the ACM

Mar 16 (Marceau/Leo Meyerovich):

Guttman, Herzog, Ramsdell, Skorupka
Verifying Information Flow Goals in Security-Enhanced Linux
WITS 2003

Mar 28, 30: Spring Recess

Apr 4 (Hopkins/---) scribe notes:

Riecke and Heintze
The SLAM Calculus: Programming with Secrecy and Integrity
Symposium on Principles of Programming Panguages, 1998

Apr 6 (Leo Meyerovich/Leen) scribe notes:

A. Sabelfeld and A. C. Myers

Language-Based Information-Flow Security
IEEE Journal on Selected Areas in Communications, vol. 21, no. 1, January 2003

Implementation of Secure Systems
Fred B. Schneider, Greg Morrisett, and Robert Harper
A Language-Based Approach to Security

Trust Management

Apr 11 (Triandopoulos/Kupcu) scribe notes:

Marianne Winslett

An Introduction to Trust Negotiation
iTrust 2003

Blaze, Feigenbaum, and Lacy
Decentralized Trust Management

Apr 13 (Arnaudov/Triandopoulos) scribe notes:

N. Li, J.C. Mitchell, and W.H. Winsborough
Design of a Role-based Trust-management Framework
IEEE Symp. on Security and Privacy, Oakland, May 2002

Apr 27 (Ge/Berg) scribe notes:

Ninghui Li and Mahesh V. Tripunitara
Security Analysis in Role-Based Access Control
Proceedings of the Ninth ACM Symposium on Access Control Models and Techniques (SACMAT 2004)

Secure Linux

Apr 25 (Arnaudov/Kupcu) scribe notes:

Peter Loscocco and Stephen Smalley
Integrating Flexible Support for Security Policies into the Linux Operationg System
Usenix 2001 Freenix Track

Chris Wright, Crispin Cowan, Stephen Smalley, James Morris, Greg Kroah-Hartman
Linux Security Modules: General Security Support for the Linux Kernel
Usenix Security 2002