Analyzing the Security of an Existing Computer System
- M. Bishop, “Analyzing the Security of an Existing Computer System,” Technical Report 86.13, Research Institute for Advanced Computer Science, NASA Ames Research Center, Moffett Field, CA 94035
Most work concerning secure computer systems has dealt with the design, verification, and implementation of provably secure computer systems, or has explored ways of making existing computer systems more secure. The problem of locating security holes in existing systems has received considerably less attention; methods generally rely on “thought experiments” as a critical step in the procedure. The difficulty is that such experiments require that a large amount of information be available in a format that makes correlating the details of various programs straightforward. This paper describes a method of providing such a basis for the “thought experiments” by writing a special manual for parts of the operating system, system programs, and library subroutines.