Concept
Computer security model
A computer security model is a scheme for specifying and enforcing security policies. A security model may be founded upon a formal model of access rights, a model of computation, a model of distributed computing, or no particular theoretical grounding at all. A computer security model is implemented through a computer security policy. For a more complete list of available articles on specific security models, see .
Official source
About this result
This page is automatically generated and may contain information that is not correct, complete, up-to-date, or relevant to your search query. The same applies to every other page on this website. Please make sure to verify the information with EPFL's official sources.
Related courses (1)
COM-301: Computer security and privacy
This is an introductory course to computer security and privacy. Its goal is to provide students with means to reason about security and privacy problems, and provide them with tools to confront them.
Related lectures (5)
Mandatory Access Control: Principles and Security Models
Explores Mandatory Access Control principles, security models, the Chinese Wall model, covert communication channels, and the importance of sanitization in business.
Mandatory Access Control: Multi-property Security Models
Explores the Chinese Wall model for combining confidentiality and integrity, addressing conflicts of interest and multilateral security.
Mandatory Access Control: Confidentiality Models
Explores the Bell La Padula model, covert channels, declassification challenges, and security properties in confidentiality models.
Related publications (5)
On the Theory and Practice of Modern Secure Messaging
Billions of people now have conversations daily over the Internet. A large portion of this communication takes place via secure messaging protocols that offer "end-to-end encryption'" guarantees and resilience to compromise like the widely-used Double Ratc ...
EPFL2024Implications of Position in Cryptography
In our daily lives, people or devices frequently need to learn their location for many reasons as some services depend on the absolute location or the proximity. The outcomes of positioning systems can have critical effects e.g., on military, emergency. Th ...
EPFL2018Security in distributed metadata catalogues
Catalogue services provide the discovery and location mechanisms that allow users and applications to locate data on Grids. Replication is a highly desirable feature in these services, since it provides the scalability and reliability required on large dat ...
2008Related concepts (2)
Mandatory access control
In computer security, mandatory access control (MAC) refers to a type of access control by which the operating system or database constrains the ability of a subject or initiator to access or generally perform some sort of operation on an object or target. In the case of operating systems, a subject is usually a process or thread; objects are constructs such as files, directories, TCP/UDP ports, shared memory segments, IO devices, etc. Subjects and objects each have a set of security attributes.
Discretionary access control
In computer security, discretionary access control (DAC) is a type of access control defined by the Trusted Computer System Evaluation Criteria (TCSEC) as a means of restricting access to objects based on the identity of subjects and/or groups to which they belong. The controls are discretionary in the sense that a subject with a certain access permission is capable of passing that permission (perhaps indirectly) on to any other subject (unless restrained by mandatory access control).