Abstract:
Increasingly, organizations are developing sophisticated computing systems on whose services they need to place great trust. In many circumstances the focus will be made on different properties of such services – e.g., on the integrity, on the average realtime response achieved, or on the degree to which deliberate intrusions can be prevented. Simultaneous consideration of availability and integrity provides a very convenient means of subsuming these various concerns within a single conceptual framework. It also provides the means of addressing the problem of an appropriate balance of these properties. The Lattice model, Chinese Wall policy, and Grosch?s law are central to the understanding and mastering of our model. The model provided for achieving availability and integrity is extremely useful, as before those attributes have been considered much more orthogonal to each other, and the development of any real system should have performed trade offs. The model enables the more classical notions of integrity, availability, and confidentiality to be put into perspective.
Fulltext:
PDF file (204 kB)