{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2023,8,18]],"date-time":"2023-08-18T03:14:05Z","timestamp":1692328445837},"reference-count":19,"publisher":"Elsevier BV","issue":"3","license":[{"start":{"date-parts":[[1998,11,1]],"date-time":"1998-11-01T00:00:00Z","timestamp":909878400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.elsevier.com\/tdm\/userlicense\/1.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Journal of Systems and Software"],"published-print":{"date-parts":[[1998,11]]},"DOI":"10.1016\/s0164-1212(98)10036-5","type":"journal-article","created":{"date-parts":[[2002,7,25]],"date-time":"2002-07-25T18:26:53Z","timestamp":1027621613000},"page":"233-244","source":"Crossref","is-referenced-by-count":14,"title":["An effective model for composition of secure systems"],"prefix":"10.1016","volume":"43","author":[{"given":"Q.","family":"Shi","sequence":"first","affiliation":[],"role":[{"role":"author","vocab":"crossref"}]},{"given":"N.","family":"Zhang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocab":"crossref"}]}],"member":"78","reference":[{"key":"10.1016\/S0164-1212(98)10036-5_BIB1","doi-asserted-by":"crossref","unstructured":"Amoroso, E., Merritt, M., 1994. Composing system integrity using I\/O automata. In: Proceedings of The Annual Computer Security Applications Conference. pp. 34\u201343","DOI":"10.1109\/CSAC.1994.367321"},{"key":"10.1016\/S0164-1212(98)10036-5_BIB2","doi-asserted-by":"crossref","unstructured":"Bell, D.E., LaPadula, L.J., 1976. Secure computer system: Unified exposition and multics interpretation, ESD-TR-75-306. Electron. Syst. Division, AFSC, Hanscom AF Base, Bedford, MA","DOI":"10.21236\/ADA023588"},{"key":"10.1016\/S0164-1212(98)10036-5_BIB3","doi-asserted-by":"crossref","unstructured":"Boulahia-Cuppens, N., Cuppens, F., 1994. Asynchronous composition and required security conditions. In: Proceedings of IEEE Symposium on Security and Privacy. pp. 68\u201378","DOI":"10.1109\/RISP.1994.296591"},{"key":"10.1016\/S0164-1212(98)10036-5_BIB4","unstructured":"Coulouris, G., 1994. Distributed Systems: Concepts and Design. Addison-Wesley, Reading, MA"},{"key":"10.1016\/S0164-1212(98)10036-5_BIB5","doi-asserted-by":"crossref","unstructured":"Dinolt, G.W., Benzinger, L.A., Yatabe, M.G., 1994. Combining components and policies. In: Proceedings of The Computer Security Foundations Workshop. pp. 22\u201335","DOI":"10.1109\/CSFW.1994.315950"},{"key":"10.1016\/S0164-1212(98)10036-5_BIB6","doi-asserted-by":"crossref","unstructured":"Goguen, J.A., Meseguer, J., 1982. Security policies and security models. In: Proceedings of IEEE Symposium on Security and Privacy. pp. 11\u201320","DOI":"10.1109\/SP.1982.10014"},{"key":"10.1016\/S0164-1212(98)10036-5_BIB7","unstructured":"Johnson, D.M., Thayer, F.J., 1988. Security and the composition of machines. In: Proceedings of The Computer Security Foundations Workshop. pp. 72\u201389"},{"key":"10.1016\/S0164-1212(98)10036-5_BIB8","doi-asserted-by":"crossref","unstructured":"Kemmerer, R.A., 1983. Shared resource matrix methodology: An approach to identifying storage and timing channels. ACM Transactions on Computer Systems 1 (3), 256\u2013277","DOI":"10.1145\/357369.357374"},{"key":"10.1016\/S0164-1212(98)10036-5_BIB9","doi-asserted-by":"crossref","unstructured":"Maneki, A.P., 1995. Algebraic properties of system composition in the LORAL, Ulysses and McLean trace models. In: Proceedings of The Computer Security Foundations Workshop. pp. 16\u201323","DOI":"10.1109\/CSFW.1995.518548"},{"issue":"6","key":"10.1016\/S0164-1212(98)10036-5_BIB10","doi-asserted-by":"crossref","first-page":"563","DOI":"10.1109\/32.55085","article-title":"A hookup theorem for multilevel security","volume":"16","author":"McCullough","year":"1990","journal-title":"IEEE Transactions on Software Engineering"},{"issue":"1","key":"10.1016\/S0164-1212(98)10036-5_BIB11","doi-asserted-by":"crossref","first-page":"53","DOI":"10.1109\/32.481534","article-title":"A general theory of composition for a class of \u201cpossibility\u201d properties","volume":"22","author":"McLean","year":"1996","journal-title":"IEEE Transactions on Software Engineering"},{"key":"10.1016\/S0164-1212(98)10036-5_BIB12","doi-asserted-by":"crossref","unstructured":"Meadows, C., 1992. Using traces based on procedure calls to reason about composability. In: Proceedings of IEEE Symposium on Security and Privacy. pp. 177\u2013188","DOI":"10.1109\/RISP.1992.213262"},{"key":"10.1016\/S0164-1212(98)10036-5_BIB13","doi-asserted-by":"crossref","unstructured":"Millen, J.K., 1990. Hookup security for synchronous machines. In: Proceedings of The Computer Security Foundations Workshop. pp. 84\u201389","DOI":"10.1109\/CSFW.1990.128188"},{"key":"10.1016\/S0164-1212(98)10036-5_BIB14","doi-asserted-by":"crossref","unstructured":"Roscoe, A.W., Wulf, L., 1995. Composing and decomposing systems under security properties. In: Proceedings of the Computer Security Foundations Workshop. pp. 9\u201315","DOI":"10.1109\/CSFW.1995.518547"},{"issue":"9","key":"10.1016\/S0164-1212(98)10036-5_BIB15","doi-asserted-by":"crossref","first-page":"40","DOI":"10.1109\/35.312842","article-title":"Access control: Principles and practice","volume":"32","author":"Sandhu","year":"1994","journal-title":"IEEE Communications Magazine"},{"key":"10.1016\/S0164-1212(98)10036-5_BIB16","doi-asserted-by":"crossref","unstructured":"Shi, Q., McDermid, J.A., 1993. Applying non-interference to composition of systems: A more practical approach. In: Proceedings of The Ninth Annual Computer Security Applications Conference. pp. 210\u2013220","DOI":"10.1109\/CSAC.1993.315438"},{"key":"10.1016\/S0164-1212(98)10036-5_BIB17","unstructured":"Sutherland, D., 1986. A model of information. In: Proceedings of the Ninth National Computer Security Conference. pp. 175\u2013183"},{"key":"10.1016\/S0164-1212(98)10036-5_BIB18","doi-asserted-by":"crossref","unstructured":"Wittbold, J.T., Johnson, D.M., 1990. Information flow in nondeterministic systems In: Proceedings of IEEE Symposium on Security and Privacy. pp. 144\u2013161","DOI":"10.1109\/RISP.1990.63846"},{"key":"10.1016\/S0164-1212(98)10036-5_BIB19","doi-asserted-by":"crossref","unstructured":"Zakinthinos, A., Lee, E.S., 1995. The composability of non-interference. In: Proceedings of The Computer Security Foundations Workshop. pp. 2\u20138","DOI":"10.3233\/JCS-1994\/1995-3404"}],"container-title":["Journal of Systems and Software"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S0164121298100365?httpAccept=text\/xml","content-type":"text\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S0164121298100365?httpAccept=text\/plain","content-type":"text\/plain","content-version":"vor","intended-application":"text-mining"}],"deposited":{"date-parts":[[2020,1,28]],"date-time":"2020-01-28T16:39:49Z","timestamp":1580229589000},"score":1,"resource":{"primary":{"URL":"https:\/\/linkinghub.elsevier.com\/retrieve\/pii\/S0164121298100365"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[1998,11]]},"references-count":19,"journal-issue":{"issue":"3","published-print":{"date-parts":[[1998,11]]}},"alternative-id":["S0164121298100365"],"URL":"https:\/\/doi.org\/10.1016\/s0164-1212(98)10036-5","relation":{},"ISSN":["0164-1212"],"issn-type":[{"value":"0164-1212","type":"print"}],"subject":[],"published":{"date-parts":[[1998,11]]}}}