7.1 |
Introduction |
Security measures |
must be incorporated into |
|
|
neutralised |
specified
--t - asserting |
|
|
|
no-referent---addition |
no-referent---addition |
|
|
|
|
simple
topical |
|
|
|
|
Theme |
|
|
computer systems |
whenever |
they |
specified
--t - asserting |
|
specified
--t non-interlocuters |
no-referent---addition |
|
multiple---ambiguous
preceding---anaphora substitution |
clause-final |
initial
textual |
non-initial
topical |
Rheme |
Theme |
are |
potential targets |
for malicious or
mischievous attacks. |
|
specified
--t non-particular |
specified
--t non-particular |
|
no-referent---addition |
no-referent---addition |
|
clause-internal |
clause-complex-final |
|
Rheme |
This |
is |
especially so |
for systems |
--t
specified proximate |
|
|
specified
--t - asserting |
multiple---ambiguous
preceding---anaphora substitution |
|
|
no-referent---addition |
simple
topical |
|
clause-internal |
clause-final |
Theme |
|
Rheme |
that |
handle |
financial transactions |
or confidential, classified or other
information |
|
|
specified
--t non-particular |
specified
--t non-particular |
|
|
no-referent---addition |
no-referent---addition |
simple
topical |
|
clause-internal |
clause-internal |
Theme |
|
Rheme |
whose secrecy |
and integrity |
are |
critical. |
--t specified - asserting |
specified --t asserting - |
|
|
single
preceding---anaphora alienable meronymy-constitution |
single
preceding---anaphora alienable meronymy-constitution |
|
|
clause-internal |
clause-internal |
|
clause-complex-final |
|
In Figure 7.1, |
we |
summarize |
specified
--t non-particular |
specified
--t interlocuters |
|
single
non-verbal---exophora |
single
non-verbal---exophora |
|
initial
experiential |
non-initial
topical |
|
Theme |
|
the evolution |
of security needs |
in computer systems |
--t
specified - asserting |
specified
--t non-particular |
specified
--t - asserting |
single
within-group---esphora facet meronymy-constitution |
no-referent---addition |
no-referent---addition |
clause-internal |
clause-internal |
clause-final |
Rheme |
since |
they |
first |
|
specified
--t non-interlocuters |
|
|
single
preceding---anaphora substitution |
|
textual
initial |
topical
non-initial |
non-initial
interpersonal |
Theme |
arose |
with the advent |
of shared data |
|
--t
specified - asserting |
specified
--t - asserting |
|
single
within-group---esphora alienable meronymy-constitution |
no-referent---addition |
|
clause-internal |
clause-internal |
|
Rheme |
in multi-user
timesharing systems |
of the 1960s and
70s. |
Today |
specified
--t non-particular |
--t
specified - asserting |
specified
--t asserting - |
no-referent---addition |
context-of-culture---homophora
single |
context-of-culture---homophora
single |
clause-internal |
clause-complex-final |
textual
initial |
|
Theme |
the advent |
of wide-area, open
distributed systems |
has resulted in |
--t
specified - asserting |
specified
--t non-particular |
|
single
within-group---esphora alienable meronymy-constitution |
no-referent---addition |
|
topical
non-initial |
topical
non-initial |
|
|
|
a wide range |
of security issues. |
The need |
--t
specified unmarked |
specified
--t - asserting |
specified
--t asserting - |
single
within-group---esphora relational hyponymy---class-preceding |
no-referent---addition |
single
within-group---esphora elaboration |
clause-internal |
clause-complex-final |
simple
topical |
Rheme |
Theme |
to protect |
the integrity |
and privacy |
|
specified
--t asserting - |
--t
specified - asserting |
|
single
within-group---esphora alienable meronymy-constitution |
single
within-group---esphora alienable meronymy-constitution |
simple
topical |
simple
topical |
simple
topical |
|
of information |
and other resources |
belonging to |
--t
specified - asserting |
specified
difference general-comparison - asserting |
|
no-referent---addition |
multiple---ambiguous
preceding---anaphora attitudinal |
|
simple
topical |
simple
topical |
simple
topical |
|
individuals |
and organizations |
is pervasive |
in both the
physical |
specified
--t - asserting |
specified
--t - asserting |
|
specified
--t asserting inclusive |
no-referent---addition |
no-referent---addition |
|
context-of-culture---homophora
single |
simple
topical |
simple
topical |
|
clause-internal |
|
|
Rheme |
and the digital
world. |
It |
arises from |
--t
specified - asserting |
--t
specified non-interlocuters |
|
context-of-culture---homophora
single |
single
preceding---anaphora substitution |
|
clause-complex-final |
simple
topical |
|
|
Theme |
|
the desire |
to share |
resources. |
specified
--t asserting - |
|
specified
--t asserting - |
single
within-group---esphora elaboration |
|
single
context-of-culture---homophora |
clause-internal |
clause-internal |
clause-complex-final |
Rheme |
In the physical
world, |
organizations |
adopt |
specified
--t asserting - |
--t
specified - asserting |
|
single
preceding---anaphora no-poles---cycle |
single
preceding---anaphora complete-repetition |
|
experiential
initial |
topical
non-initial |
|
Theme |
|
security policies |
that |
provide for |
--t
specified - asserting |
--t
specified non-interlocuters |
|
single
preceding---anaphora complete-repetition |
single
preceding---anaphora substitution |
|
clause-final |
simple
topical |
|
Rheme |
Theme |
|
the sharing |
of resources |
within specified limits. |
--t
specified - asserting |
--t
specified - asserting |
--t
specified non-particular |
single
preceding---anaphora derivation |
single
preceding---anaphora complete-repetition |
single
preceding---anaphora enhancement |
clause-internal |
clause-internal |
clause-complex-final |
Rheme |
For example, |
a company |
may permit |
entry to |
generalized |
--t
specified unmarked |
|
--t
specified unmarked |
|
no-referent---addition |
|
no-referent---addition |
textual
initial |
topical
non-initial |
|
clause-internal |
Theme |
|
Rheme |
its buildings |
for its employees |
and for accredited
visitors. |
specified
--t - asserting |
--t
specified - asserting |
--t
specified unmarked |
single
preceding---anaphora meronymy-constitution part |
single
preceding---anaphora part meronymy-constitution |
single
preceding---anaphora meronymy-constitution part |
clause-internal |
clause-internal |
clause-complex-final |
|
A security policy |
for documents |
may specify |
groups of |
--t
specified unmarked |
--t
specified unmarked |
|
specified
--t - asserting |
no-referent---addition |
no-referent---addition |
|
single
within-group---esphora relational hyponymy---class-preceding |
simple
topical |
simple
topical |
|
clause-internal |
Theme |
|
Rheme |
employees |
who |
can access |
--t
specified unmarked |
|
|
single
preceding---anaphora complete-repetition |
|
|
clause-final |
simple
topical |
|
|
Theme |
|
classes |
of documents |
or |
generic
--t asserting - |
specified
--t asserting - |
|
single
within-group---esphora relational hyponymy---class-preceding |
no-referent---addition |
|
clause-internal |
clause-final |
textual
initial |
Rheme |
Theme |
it |
may be defined for |
individual
documents |
specified
--t non-interlocuters |
|
generic
--t asserting - |
single
preceding---anaphora substitution |
|
single
preceding---anaphora derivation |
topical
non-initial |
|
clause-internal |
|
|
Rheme |
and users. |
Security policies |
are enforced with |
generic
--t asserting - |
--t
generic - asserting |
|
single
preceding---anaphora experiential |
single
preceding---anaphora complete-repetition |
|
clause-complex-final |
simple
topical |
|
|
Theme |
|
the help |
of security mechanisms. |
For example, |
--t
specified - asserting |
--t
specified unmarked |
--t
generic - asserting |
single
within-group---esphora elaboration |
no-referent---addition |
no-referent---addition |
clause-internal |
clause-complex-final |
textual
initial |
Rheme |
Theme |
access to |
a building |
may be controlled
by |
--t
specified - asserting |
--t
specified unmarked |
|
single
within-group---esphora extension |
no-referent---addition |
|
topical
non-initial |
topical
non-initial |
|
|
|
a reception clerk, |
who |
issues |
--t
specified unmarked |
--t
specified non-interlocuters |
|
no-referent---addition |
single
preceding---anaphora substitution |
|
clause-final |
simple
topical |
|
Rheme |
Theme |
|
badges |
to accredited
visitors, |
and |
enforced by |
specified
--t unmarked |
--t
specified unmarked |
|
|
no-referent---addition |
no-referent---addition |
|
|
clause-internal |
clause-final |
textual
simple |
|
Rheme |
Theme |
|
a security guard |
or by electronic
door locks. |
Access to |
--t
specified unmarked |
specified
--t unmarked |
--t
generic - asserting |
no-referent---addition |
no-referent---addition |
single
within-group---esphora extension |
clause-internal |
clause-complex-final |
simple
topical |
Rheme |
Theme |
paper documents |
is usually
controlled |
by concealment |
--t
specified unmarked |
|
--t
generic - asserting |
no-referent---addition |
|
context-of-culture---homophora
single |
simple
topical |
|
clause-internal |
|
|
Rheme |
and restricted
distribution. |
In the electronic
world, |
the distinction |
--t
generic - asserting |
--t
specified - asserting |
--t
specified - asserting |
context-of-culture---homophora
single |
single
preceding---anaphora experiential |
single
within-group---esphora elaboration |
clause-complex-final |
initial
experiential |
topical
non-initial |
|
Theme |
between security
policies |
and mechanisms |
remains |
important; |
--t
specified unmarked |
--t
specified unmarked |
|
|
no-referent---addition |
no-referent---addition |
|
|
topical
non-initial |
topical
non-initial |
|
clause-final |
|
|
Rheme |
without it, |
it |
would be |
difficult |
to determine |
--t
specified non-interlocuters |
generalized |
|
|
|
single
preceding---anaphora substitution |
|
|
|
|
initial
experiential |
simple
topical |
|
clause
internal |
clause
final |
Theme |
|
Rheme |
whether |
a particular system |
was |
secure. |
Security policies |
|
--t
specified particular |
|
|
--t
generic - asserting |
|
no-referent---addition |
|
|
single
preceding---anaphora complete-repetition |
textual
initial |
topical
non-initial |
|
clause-complex-final |
simple
topical |
Theme |
|
Rheme |
Theme |
are |
independent of |
the technology |
used, |
|
|
--t
specified - asserting |
|
|
|
context-of-culture---homophora
single |
|
|
clause-internal |
clause-final |
|
|
Rheme |
just as |
the provision |
of a lock |
|
--t
specified - asserting |
--t
specified unmarked |
|
single
within-group---esphora enhancement |
no-referent---addition |
textual
initial |
topical
non-initial |
topical
non-initial |
Theme |
on a door |
does not ensure |
the security |
--t
specified unmarked |
|
--t
specified - asserting |
no-referent---addition |
|
single
preceding---anaphora alienable meronymy-constitution |
topical
non-initial |
|
clause-internal |
|
|
Rheme |
of a building |
unless |
there |
is |
a policy |
--t
specified unmarked |
|
generalized |
|
--t
specified unmarked |
no-referent---addition |
|
|
|
no-referent---addition |
clause-final |
textual
initial |
topical
non-initial |
|
clause-internal |
|
Theme |
|
Rheme |
for its use |
(for example, |
--t
specified - asserting |
--t
specified unmarked |
single
preceding---anaphora superordination-class-subclass
hyperonymy---subclass-preceding |
no-referent---addition |
clause-final |
clause-internal |
|
that |
the door |
will be locked |
|
--t
generic - asserting |
|
|
single
preceding---anaphora complete-repetition |
|
clause-internal |
|
|
|
|
whenever |
nobody |
is guarding |
the entrance). |
|
generalized |
|
--t
generic - asserting |
|
|
|
single
preceding---anaphora meronymy-constitution part |
textual
initial |
topical
non-initial |
|
clause-complex-final |
Theme |
|
Rheme |
The security
mechanisms |
that |
we |
--t
specified - asserting |
|
--t
specified interlocuters |
single
preceding---anaphora complete-repetition |
|
context-of-culture---homophora
single |
simple
topical |
|
simple
topical |
|
|
|
shall describe |
do not |
in themselves |
ensure |
|
|
--t
specified non-interlocuters |
|
|
|
single
preceding---anaphora substitution |
|
|
|
clause-internal |
|
|
|
Rheme |
|
the security |
of a system. |
In Section 7.1.2, |
--t
specified - asserting |
--t
generic - asserting |
specified
--t non-particular |
single
within-group---esphora alienable meronymy-constitution |
no-referent---addition |
single
non-verbal---exophora |
clause-internal |
clause-complex-final |
experiential
initial |
|
Theme |
we |
outline |
the requirements |
--t
specified interlocuters |
|
--t
specified - asserting |
context-of-culture---homophora
single |
|
single
elaboration within-group---esphora |
topical
non-initial |
|
clause-internal |
|
|
Rheme |
for security |
in various simple
electronic commerce scenarios, |
illustrating |
--t
generic - asserting |
specified
--t non-particular |
|
single
preceding---anaphora complete-repetition |
no-referent---addition |
|
clause-internal |
clause-final |
|
|
|
the need |
for policies |
in that context. |
--t
specified - asserting |
specified
--t unmarked |
--t
specified distant |
single
elaboration within-group---esphora |
single
within-group---esphora alienable meronymy-constitution |
single
preceding---anaphora experiential |
clause-internal |
clause-internal |
clause-complex-final |
|
As an initial
example, |
consider |
the security |
--t
specified unmarked |
|
--t
specified - asserting |
no-referent---addition |
|
single
preceding---anaphora complete-repetition |
initial
textual |
non-initial
topical |
clause-internal |
Theme |
|
Rheme |
of a networked file
server |
whose interface |
is accessible |
--t
specified unmarked |
--t
specified non-interlocuters |
|
no-referent---addition |
single
preceding---anaphora alienable meronymy-constitution |
|
clause-final |
simple
topical |
|
|
Theme |
|
to clients. |
To ensure that |
access control |
--t
specified unmarked |
|
--t
specified - asserting |
no-referent---addition |
|
single
within-group---esphora extension |
clause-complex-final |
simple
topical |
simple
topical |
Rheme |
Theme |
to files |
is maintained, |
there |
--t
specified - asserting |
|
|
single
preceding---anaphora complete-repetition |
|
|
simple
topical |
|
simple
topical |
|
|
Theme |
would need to be |
a policy |
that |
all requests |
|
--t
specified unmarked |
|
--t
specified total-nominal |
|
no-referent---addition |
|
no-referent---addition |
|
clause-final |
textual
initial |
topical
non-initial |
|
Rheme |
Theme |
|
must include |
an authenticated
user identity. |
The provision |
|
--t
specified unmarked |
--t
specified - asserting |
|
no-referent---addition |
single
within-group---esphora extension |
|
clause-complex-final |
topical
initial |
|
Rheme |
Theme |
of mechanisms |
for the protection |
of data |
--t
generic - asserting |
--t
specified - asserting |
--t
generic - asserting |
single
within-group---esphora superordination-class-subclass
hyponymy---class-preceding |
single
within-group---esphora extension |
no-referent---addition |
topical
initial |
topical
initial |
topical
initial |
|
and other computer-based resources |
and for |
securing |
generic
general-comparison difference - asserting |
|
--t
specified - asserting |
single
preceding---anaphora attitudinal |
|
single
within-group---esphora extension |
topical
initial |
|
topical
non-initial |
|
networked
transactions |
is |
the concern |
--t
specified unmarked |
|
--t
specified - asserting |
no-referent---addition |
|
single
within-group---esphora alienable meronymy-constitution |
topical
non-initial |
|
clause-internal |
|
|
Rheme |
of this chapter. |
We |
shall describe |
--t
specified proximate |
--t
specified interlocuters |
|
single
non-verbal---exophora |
single
non-verbal---exophora |
|
clause-complex-final |
simple
topical |
|
|
Theme |
|
the mechanisms |
that |
enable |
--t
specified - asserting |
|
|
multiple---ambiguous
within-group---esphora extension |
|
|
clause-final |
simple
topical |
|
Rheme |
Theme |
|
security policies |
to be enforced |
in distributed
systems. |
specified
--t unmarked |
|
--t
specified unmarked |
no-referent---addition |
|
no-referent---addition |
clause-internal |
|
clause-complex-final |
Rheme |
|
Rheme |
The mechanisms |
we |
shall describe |
--t
specified - asserting |
--t
specified interlocuters |
|
single
preceding---anaphora complete-repetition |
context-of-culture---homophora
single |
|
simple
topical |
simple
topical |
|
Theme |
|
are |
strong enough |
to resist |
the most determined
attacks. |
|
|
|
--t
specified asserting quality |
|
|
|
single
preceding---anaphora no-poles---cycle |
|
clause-internal |
|
clause-complex-final |
|
Rheme |
The distinction
between |
security policies |
and security
mechanisms |
--t
specified - asserting |
--t
generic - asserting |
--t
generic - asserting |
single
within-group---esphora elaboration |
single
preceding---anaphora complete-repetition |
single
preceding---anaphora complete-repetition |
simple
topical |
simple
topical |
simple
topical |
Theme |
is |
helpful |
when |
designing |
secure systems, |
|
|
|
|
--t
specified unmarked |
|
|
|
|
no-referent---addition |
|
clause-internal |
simple
textual |
|
clause-final |
|
Rheme |
Theme |
|
Rheme |
but |
it |
is often |
difficult |
to be |
confident |
|
|
|
|
|
|
|
|
|
|
|
|
textual
initial |
topical
non-initial |
|
clause-internal |
|
clause-final |
Theme |
|
Rheme |
that |
a given set |
of security
mechanisms |
|
--t
specified unmarked |
--t
specified - asserting |
|
no-referent---addition |
single
preceding---anaphora complete-repetition |
textual
initial |
topical
non-initial |
topical
non-initial |
Theme |
fully implements |
the desired
security policies. |
In Section 2.3.3, |
|
--t
specified - asserting |
--t
specified unmarked |
|
single
preceding---anaphora complete-repetition |
single
non-verbal---exophora |
|
clause-complex-final |
experiential
initial |
|
Rheme |
Theme |
we |
introduced |
a security model |
--t
specified interlocuters |
|
--t
specified unmarked |
context-of-culture---homophora
single |
|
no-referent---addition |
topical
non-initial |
|
clause-final |
|
|
Rheme |
that |
is designed to help
in analysing |
the potential
security threats |
|
|
--t
specified - asserting |
|
|
single
within-group---esphora meronymy-constitution facet |
simple
topical |
|
clause-internal |
Theme |
|
Rheme |
in a distributed
system. |
We |
can summarize |
--t
specified unmarked |
--t
specified interlocuters |
|
no-referent---addition |
single
context-of-culture---homophora |
|
clause-complex-final |
simple
topical |
|
|
Theme |
|
the security model |
of Chapter 2 |
as follows: |
--t
specified - asserting |
--t
specified unrestricted |
|
single
preceding---anaphora complete-repetition |
single
non-verbal---exophora |
|
clause-internal |
clause-internal |
clause-final |
Rheme |
- Processes |
encapsulate |
resources |
(such as |
--t
specified unmarked |
|
--t
specified unmarked |
|
no-referent---addition |
|
no-referent---addition |
|
simple
topical |
|
clause-internal |
|
Theme |
|
Rheme |
programming language-level objects |
and other
system-defined resources) |
and |
--t
specified unmarked |
specified
general-comparison semblance-similarity non-interlocuters |
|
single
preceding---anaphora elaboration |
single
preceding---anaphora attitudinal |
|
clause-internal |
clause-final |
textual
simple |
|
Theme |
allow |
clients |
to access |
them |
|
--t
specified unmarked |
|
--t
specified non-interlocuters |
|
no-referent---addition |
|
preceding---anaphora
multiple---ambiguous substitution |
|
clause-internal |
|
clause-internal |
|
Rheme |
through their
interfaces. |
Principals |
(users |
--t
specified - asserting |
--t
specified unmarked |
--t
specified unmarked |
single
preceding---anaphora alienable meronymy-relational |
no-referent---addition |
single
preceding---anaphora complete-repetition |
clause-complex-final |
initial
topical |
topical
non-initial |
|
Theme |
or other processes) |
can be explicitly
authorized to operate |
on resources. |
specified
general-comparison difference - asserting |
|
--t
generic unmarked |
single
preceding---anaphora attitudinal |
|
no-referent---addition |
topical
non-initial |
|
clause-complex-final |
|
|
Rheme |
Resources |
must be protected
against |
unauthorized
access. |
generic
--t - asserting |
|
--t
specified unmarked |
single
preceding---anaphora complete-repetition |
|
multiple---ambiguous
preceding---anaphora derivation |
simple
topical |
|
clause-complex-final |
Theme |
|
Rheme |
- Processes |
interact through |
a network |
that |
--t
specified unmarked |
|
--t
specified unmarked |
|
no-referent---addition |
|
no-referent---addition |
|
simple
topical |
|
clause-final |
simple
topical |
Theme |
|
Rheme |
Theme |
is shared by |
many users. |
Enemies |
|
--t
specified particular |
--t
specified unmarked |
|
single
preceding---anaphora inflexion |
no-referent---addition |
|
clause-complex-final |
topical
initial |
|
Rheme |
Theme |
(attackers) |
can access |
the network. |
--t
specified unmarked |
|
--t
specified - asserting |
single
preceding---anaphora experiential |
|
single
preceding---anaphora complete-repetition |
non-initial
topical |
|
clause-complex-final |
Theme |
|
Rheme |
They |
can copy or attempt
to read |
any message |
--t
specified non-interlocuters |
|
--t
specified unrestricted-2 |
single
preceding---anaphora substitution |
|
no-referent---addition |
simple
topical |
|
clause-internal |
Theme |
|
Rheme |
transmitted |
through the network |
and |
|
--t
specified - asserting |
|
|
single
preceding---anaphora complete-repetition |
|
|
clause-final |
textual
initial |
|
Rheme |
Theme |
they |
can inject |
arbitrary messages, |
--t
specified non-interlocuters |
|
--t
specified unmarked |
single
preceding---anaphora substitution |
|
no-referent---addition |
topical
non-initial |
|
clause-internal |
|
|
Rheme |
addressed to |
any destination |
and purporting to
come from |
|
--t
specified unrestricted-2 |
|
|
no-referent---addition |
|
|
clause-internal |
|
|
Rheme |
|
any source, |
into the network. |
That security model |
--t
specified unrestricted-2 |
--t
specified - asserting |
--t
specified distant |
no-referent---addition |
single
preceding---anaphora complete-repetition |
single
preceding---anaphora complete-repetition |
clause-internal |
clause-complex-final |
simple
topical |
|
Theme |
identifies |
the features |
of distributed
systems |
|
--t
specified - asserting |
--t
generic - asserting |
|
single
within-group---esphora facet meronymy-constitution |
single
preceding---anaphora complete-repetition |
|
clause-internal |
clause-final |
|
Rheme |
that |
expose |
them |
|
|
--t
specified non-interlocuters |
|
|
multiple---ambiguous
preceding---anaphora substitution |
simple
topical |
|
clause-internal |
Theme |
|
Rheme |
to attacks. |
In this chapter, |
we |
--t
generic - asserting |
--t
specified proximate |
--t
specified interlocuters |
single
preceding---anaphora complete-repetition |
single
non-verbal---exophora |
context-of-culture---homophora
single |
clause-complex-final |
experiential
initial |
topical
non-initial |
|
Theme |
shall detail |
these attacks |
and |
the security
techniques |
|
--t
specified proximate |
|
--t
specified - asserting |
|
single
preceding---anaphora complete-repetition |
|
single
preceding---anaphora complete-repetition |
|
clause-final |
|
clause-final |
|
Rheme |
|
|
that |
are available for
defeating |
them. |
|
|
specified
--t non-interlocuters |
|
|
single
preceding---anaphora substitution |
simple
topical |
|
clause-complex-final |
Theme |
|
Rheme |