Sciweavers

SP
1989
IEEE

The Chinese Wall Security Policy

14 years 3 months ago
The Chinese Wall Security Policy
Everyone who has seen the movie Wall Street will have seen a commercial security policy in action. The recent work of Clark and Wilson and the WIPCIS initiative (the Workshop on Integrity Policy for Computer Information Systems) has drawn attention to the existence of a wide range of commercial security policies which are both significantly different from each other and quite alien to current "military" thinking as implemented in products for the security market place. This paper presents a basic mathematical theory which implements one such policy, the Chinese Wall, and shows that it cannot be correctly represented by a Bell-LaPadula model. The Chinese Wall policy combines commercial discretion with legally enforceable mandatory controls. It is required in the operation of many financial services organizations and is, therefore, perhaps as significant to the financial world as Bell-LaPadula's policies are to the military.
D. F. C. Brewer, M. J. Nash
Added 11 Aug 2010
Updated 11 Aug 2010
Type Conference
Year 1989
Where SP
Authors D. F. C. Brewer, M. J. Nash
Comments (0)