Information Security and Privacy

Mandatory access control systems (MAC) are often criticised for their lack of flexibility, but they protect a system’s confidentiality from a wide range of untrustworthy Trojan Horse programs. On the other hand, discretionary access control systems (DAC) place no restriction on flexibility. But, at present, they are generally regarded as inherently defenceless against all kinds of untrustworthy programs. We believe that this trade-off is not unavoidable. We show that, for lack of distinction between a user’s and a program’s trustworthiness, the vulnerability of DAC is design-based. On these grounds we present a modified DAC. The central idea is the separation of the management of rights from other activities of a user. The resulting system offers the flexibility of DAC and the protection of MAC.
