Copyright(c) Management Analytics, 1995 - All Rights Reserved
- [Anderson72] Anderson, J. P. Computer Security Technology Planning Study, ESD-TR-73-51, vol. I, ESD/AFSC, Hanscom AFB, Bedford, Mass., October 1972 (NTIS AD-758 206).
- [Bell76] Bell, D. E. and LaPadula, L. J. Secure Computer Systems: Unified Exposition and Multics Interpretation, MTR-2997 Rev. 1, MITRE Corp., Bedford, Mass., March 1976.
- [Brand80] Brand, S. L. "An Approach to Identification and Audit of vulnerabilities and Control in Application Systems," in Audit and Evaluation of Computer Security II: System Vulnerabilities and Controls, Z. Ruthb
erg, ed., NBS Special Publication #500-57, MD 78733, April 1980.
- [Brand82] Brand, S. L. "Data Processing and A-123," in Proceedings of the Computer Performance Evaluation User's Group 18th Meeting, C. B. Wilson, ed., NBS Special Publication #500-95, October 1982.
- [DCID-l-l6] DCID l/l6, Security of Foreign Intelligence in Automated Data Processing Systems and Networks (U), 4 January l983.
- [DIAM-50-4] DIAM 50-4, Security of Compartmented Computer Operations (U), 24 June l980.
- [Denning76] Denning, D. E. "A Lattice Model of Secure Information Flow," in Communications of the ACM, vol. 19, no. 5 (May 1976), pp. 236-243.
- [Denning75] Denning, D. E. Secure Information Flow in Computer Systems, Ph.D. dissertation, Purdue Univ., West Lafayette, Ind., May 1975.
- [DoD-5000.29] DoD Directive 5000.29, Management of Computer Resources in Major Defense Systems, 26 April l976.
- [DoD-5200.1-R] DoD 5200.1-R, Information Security Program Regulation, August 1982.
- [DoD-5200.28] DoD Directive 5200.28, Security Requirements for Automatic Data Processing (ADP) Systems, revised April 1978.
- [DoD-5200.28-M] DoD 5200.28-M, ADP Security Manual -- Techniques and Procedures for Implementing, Deactivating, Testing, and Evaluating Secure Resource-Sharing ADP Systems, revised June 1979.
- [DoD-5215.1] DoD Directive 5215.1, Computer Security Evaluation Center, 25 October 1982.
- [DoD-5220.22-M] DoD 5220.22-M, Industrial Security Manual for Safeguarding Classified Information, March 1984.
- [DoD-5220.22-R] DoD 5220.22-R, Industrial Security Regulation, February 1984.
- [DoD-5400.11] DoD Directive 5400.11, Department of Defense Privacy Program, 9 June 1982.
- [DoD-7920.1] DoD Directive 7920.1, Life Cycle Management of Automated Information Systems (AIS), 17 October 1978
- [Executive-Order-12356] Executive Order 12356, National Security Information, 6 April 1982.
- [Faurer81] Faurer, L. D. "Keeping the Secrets Secret," in Government Data Systems, November - December 1981, pp. 14-17.
- [FIPS-39] Federal Information Processing Standards Publication (FIPS PUB) 39, Glossary for Computer Systems Security, 15 February 1976.
- [FIPS-73] Federal Information Processing Standards Publication (FIPS PUB) 73, Guidelines for Security of Computer Applications, 30 June 1980.
- [FIPS-102] Federal Information Processing Standards Publication (FIPS PUB) 102, Guideline for Computer Security Certification and Accreditation.
- [Lampson73] Lampson, B. W. "A Note on the Confinement Problem," in Communications of the ACM, vol. 16, no. 10 (October 1973), pp. 613-615.
- [Lee80] Lee, T. M. P., et al. "Processors, Operating Systems and Nearby Peripherals: A Consensus Report," in Audit and Evaluation of Computer Security II: System Vulnerabilities and Controls, Z. Ruthberg, ed., NBS S
pecial Publication #500-57, MD78733, April 1980.
- [Lipner] Lipner, S. B. A Comment on the Confinement Problem, MITRE Corp., Bedford, Mass.
- [Millen78] Millen, J. K. "An Example of a Formal Flow Violation," in Proceedings of the IEEE Computer Society 2nd International Computer Software and Applications Conference, November 1978, pp. 204-208.
- [Millen76] Millen, J. K. "Security Kernel Validation in Practice," in Communications of the ACM, vol. 19, no. 5 (May 1976), pp. 243-250.
- [Nibaldi79] Nibaldi, G. H. Proposed Technical Evaluation Criteria for Trusted Computer Systems, MITRE Corp., Bedford, Mass., M79-225, AD-A108-832, 25 October 1979.
- [Nibaldi79-2] Nibaldi, G. H. Specification of A Trusted Computing Base, (TCB), MITRE Corp., Bedford, Mass., M79-228, AD-A108- 831, 30 November 1979.
- [OMB-A-71] OMB Circular A-71, Transmittal Memorandum No. 1, Security of Federal Automated Information Systems, 27 July 1978.
- [OMB-A-123] OMB Circular A-123, Internal Control Systems, 5 November 1981.
- [Ruthberg77] Ruthberg, Z. and McKenzie, R., eds. Audit and Evaluation of Computer Security, in NBS Special Publication #500-19, October 1977.
- [Schaefer77] Schaefer, M., Linde, R. R., et al. "Program Confinement in KVM/370," in Proceedings of the ACM National Conference, October 1977, Seattle.
- [Schell79] Schell, R. R. "Security Kernels: A Methodical Design of System Security," in Technical Papers, USE Inc. Spring Conference, 5-9 March 1979, pp. 245-250.
- [Trotter80] Trotter, E. T. and Tasker, P. S. Industry Trusted Computer Systems Evaluation Process, MITRE Corp., Bedford, Mass., MTR-3931, 1 May 1980.
- [Turn81] Turn, R. Trusted Computer Systems: Needs and Incentives for Use in government and Private Sector, (AD # A103399), Rand Corporation (R-28811-DR&E), June 1981.
- [Walker80] Walker, S. T. "The Advent of Trusted Computer Operating Systems," in National Computer Conference Proceedings, May 1980, pp. 655-665.
- [Ware79] Ware, W. H., ed., Security Controls for Computer Systems: Report of Defense Science Board Task Force on Computer Security, AD # A076617/0, Rand Corporation, Santa Monica, Calif., February 1970, reissued Octob