My favorite set of computer security seminal papers.

Published by Juan Mosso on

They are papers from 1970-1988 period every serious professional or student of computer security should read. Some of them are not easy to find because they weren’t published so, the goal of this collection is to make them widely available. I’ve read almost all of them during my first years studying and working in computer security. I want to thank the Computer Security Laboratory of the Computer Science Department at the University of California, Davis, and the Information Technology Laboratory of the National Institute os Standards and Technology (NIST) for keep copies of many of them.

Background and Organisation

Computer security has been studied since the early 1970s. Science behind security had influenced the development of pioneer systems such as MULTICS and ATLAS. Unfortunately, many of the early seminal papers are often overlooked.

This collection is created as a historical record of how computer security initiated and developed, and the reasons behind that. It conforms a valuable resource for computer security education. It provides a resource for security practitioners, for they to be aware of what has been thought and tried before, under what conditions, and with what results. 

List of Papers

Click on the citation to read a description of the importance of the paper; click on the file to read the paper itself.

filebibliographic citation
ande72.pdfJames P. Anderson, Computer Security Technology Planning Study, ESD-TR-73-51, ESD/AFSC, Hanscom AFB, Bedford, MA 01731 (Oct. 1972) [NTIS AD-758 206]
ande80.pdfJames P. Anderson, Computer Security Threat Monitoring and Surveillance, James P. Anderson Co., Fort Washington, PA (Apr. 1980)
bell76.pdfDavid E. Bell and Leonard La Padula, Secure Computer System: Unified Exposition and Multics Interpretation, ESD-TR-75-306, ESD/AFSC, Hanscom AFB, Bedford, MA 01731 (1975) [DTIC AD-A023588]
bisb78.pdfRichard Bisbey II and Dennis Hollingworth, Protection Analysis: Final Report, ISI/SR-78-13, USC/Information Sciences Institute, Marina Del Rey, CA 90291 Marina Del Rey, CA 90291 (May 1978)
dod85.pdfDepartment of Defense, Trusted Computer System Evaluation Criteria (Orange Book), DoD 5200.28-STD (1983, 1985)
ford78.pdfFord Aerospace, Secure Minicomputer Operating System (KSOS): Executive Summary Phase I: Design, Western Development Labratories Division, Palo Alto, CA 94303 (April 1978)
karg74.pdfPaul A. Karger and Roger R. Schell, MULTICS Security Evaluation: Vulnerability Analysis, ESD-TR-74-193 Vol. II, ESD/AFSC, Hanscom AFB, Bedford, MA 01731 (June 1974).
lind76.pdfTheodore A. Linden, Operating System Structures to Support Security and Reliable Software, NBS Technical Note 919, Institute for Computer Sciences and Technology, National Bureau of Standards, US Department of Commerce, Washington DC 20234 (Aug. 1976)
myer80.pdfPhilip Myers, Subversion: The Neglected Aspect of Computer Security, Master Thesis. Naval Postgraduate School, Monterey, CA 93940 (June 1980)
neum75.pdfPeter G. Neumann, L. Robinson, Karl N. Levitt, R. S. Boyer, and A. R. Saxena, A Provably Secure Operating System, M79-225, Stanford Research Institute, Menlo Park, CA 94025 (June 1975)
niba79.pdfGrace H. Nibaldi, Proposed Technical Evaluation Criteria for Trusted Computer Systems, M79-225, The Mitre Corporation, Bedford, MA 01730 (Oct. 1979)
scha75.pdfJ. M. Schacht, Jobstream Separator System Design, MTR-3022 Vol. 1, The MITRE Corporation, Bedford, MA 01730 (May 1975).
sche73.pdfRoger R. Schell, Peter J. Downey, and Gerald J. Popek, Preliminary Notes on the Design of Secure Military Computer Systems, MCI-73-1, ESD/AFSC, Hanscom AFB, Bedford, MA 01731 (Jan. 1973)
schi75.pdfW. L. Schiller, The Design and Specification of a Security Kernel for the PDP-11/45, MTR-2934, The MITRE Corporation, Bedford, MA 01730 (Mar. 1975)
ware70.pdfWillis Ware, Security Controls for Computer Systems (U): Report of Defense Science Board Task Force on Computer Security; Rand Report R609-1, The RAND Corporation, Santa Monica, CA (Feb. 1970)
whit74.pdfJ. Whitmore, A. Bensoussan, P. Green, D. Hunt, A. Robziar, and J. Stern, Design for MULTICS Security Enhancements, ESD-TR-74-176, ESD/AFSC, Hanscom AFB, Bedford, MA 01731 (Dec. 1973).

References

https://csrc.nist.gov/publications/conference-paper

Categories: Research

0 Comments

Leave a Reply

Avatar placeholder

Related Posts

Information Security Operations Policy Red Teams Research

Red teaming for lifeline infrastructures

From supporting societies’ most basic human needs to enabling its most ambitious endeavors in commerce, science, and technology, lifeline services and critical infrastructures underpin modern civilization’s well-being and development. Without them, it would not be Read more…

Analysis Management Research Servoces Value

Enterprise Service Model Canvas (ESMC)

I developed the Corporate Service Model Canvas (ESMC) to help address some major issues linked to the lack of maturity recognised in relation to both how to define services and innovate on new value proposals. Read more…

Governance Management Research

An analysis of organisational immaturity

Assigned with the responsibility of designing and delivering a strategy for resolving (im)maturity issues for an information security services consulting company, having experience working with related management standards and best practices such like, my first Read more…