ylfink@water.waterloo.edu (ylfink) (09/20/88)
DEPARTMENT OF COMPUTER SCIENCE
UNIVERSITY OF WATERLOO
SEMINAR ACTIVITIES
SYSTEMS SEMINAR
- Tuesday, September 27, 1988
Professor John Dobson, Computing Laboratory, University
of Newcastle upon Tyne, U.K., will speak on ``Security
Modelling for Information Technology Systems''.
TIME: 3:30 PM
ROOM: DC 1304
ABSTRACT
Arguments will be presented that suggest the
traditional approach for modelling security, based on
information flow, is ill-founded; work at Newcastle is
underway on finding a more appropriate model based on
ways of modelling the enterprise whose needs the secure
system is intended to serve. The two key ideas behind
this modelling technique are the notion of
dependability, defined as that property of a computing
system which allows reliance justifiably to be placed
on the service which it delivers; and the idea that
this definition can be interpreted only by
understanding the roles, rights and responsibilities of
those who are relying on the system in the context of
the organisation as a whole, which is of course subject
to its own set of policies and constraints (which have
to be formally expressed).
The talk will describe how an organisation is modelled,
and how this naturally leads to modelling the security
policies which have to be obeyed by a computer system
within the organisation.