{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T04:57:50Z","timestamp":1750309070751,"version":"3.41.0"},"reference-count":9,"publisher":"Association for Computing Machinery (ACM)","issue":"4","license":[{"start":{"date-parts":[[2004,11,11]],"date-time":"2004-11-11T00:00:00Z","timestamp":1100131200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Inf. Syst. Secur."],"published-print":{"date-parts":[[2004,11,11]]},"abstract":"<jats:p>Security models generally incorporate elements of both confidentiality and integrity. We examine a case where confidentiality is irrelevant to the process being modeled. In this case, integrity includes not only the authentication of origin and the lack of unauthorized changes to a document, but also the acceptance of all parties that the document is complete, signed by all parties, and cannot be modified further. This is especially critical when the document is recorded, so that it is legally the agreement or statement of record, and any copies of the document have no legal force. We show that current security models do not capture the details of this process. We then present a new security model for this process. This model captures the recordation process, and augments, rather than supplants, existing models. Hence it can also be used with existing security models to describe other situations.<\/jats:p>","DOI":"10.1145\/1042031.1042035","type":"journal-article","created":{"date-parts":[[2005,1,26]],"date-time":"2005-01-26T16:35:53Z","timestamp":1106757353000},"page":"576-590","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":4,"title":["Traducement"],"prefix":"10.1145","volume":"7","author":[{"given":"Tom","family":"Walcott","sequence":"first","affiliation":[{"name":"University of California at Davis, Davis, CA"}]},{"given":"Matt","family":"Bishop","sequence":"additional","affiliation":[{"name":"University of California at Davis, Davis, CA"}]}],"member":"320","published-online":{"date-parts":[[2004,11,11]]},"reference":[{"key":"e_1_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.5555\/525080.884263"},{"key":"e_1_2_1_2_1","volume-title":"Secure Computer System: Unified Exposition and Multics Interpretation. Tech. Rep. MTR-2997 Rev. 1, The MITRE Corporation","author":"Bell D.","year":"1975","unstructured":"Bell , D. and LaPadula , L. 1975 . Secure Computer System: Unified Exposition and Multics Interpretation. Tech. Rep. MTR-2997 Rev. 1, The MITRE Corporation , Bedford, MA.]] Bell, D. and LaPadula, L. 1975. Secure Computer System: Unified Exposition and Multics Interpretation. Tech. Rep. MTR-2997 Rev. 1, The MITRE Corporation, Bedford, MA.]]"},{"volume-title":"Proceedings of the 1989 IEEE Symposium on Security and Privacy","author":"Brewer D.","key":"e_1_2_1_4_1","unstructured":"Brewer , D. and Nash , M . 1989. The Chinese Wall security policy . In Proceedings of the 1989 IEEE Symposium on Security and Privacy , Oakland, CA. 206--214.]] Brewer, D. and Nash, M. 1989. The Chinese Wall security policy. In Proceedings of the 1989 IEEE Symposium on Security and Privacy, Oakland, CA. 206--214.]]"},{"volume-title":"Proceedings of the 1987 IEEE Symposium on Security and Privacy","author":"Clark D.","key":"e_1_2_1_5_1","unstructured":"Clark , D. and Wilson , D . 1987. A comparison of commercial and military security policies . In Proceedings of the 1987 IEEE Symposium on Security and Privacy , Oakland, CA. 184--194.]] Clark, D. and Wilson, D. 1987. A comparison of commercial and military security policies. In Proceedings of the 1987 IEEE Symposium on Security and Privacy, Oakland, CA. 184--194.]]"},{"key":"e_1_2_1_6_1","volume-title":"Proceedings of the Twelfth National Computer Security Conference","author":"Graubert R.","year":"1989","unstructured":"Graubert , R. 1989 . On the need for a third form of access control . In Proceedings of the Twelfth National Computer Security Conference , Baltimore, MD. 296--304.]] Graubert, R. 1989. On the need for a third form of access control. In Proceedings of the Twelfth National Computer Security Conference, Baltimore, MD. 296--304.]]"},{"volume-title":"International Telecommunications Union","author":"Itu X.","key":"e_1_2_1_7_1","unstructured":"Itu . 1993. Recommendation X. 509---the Directory Authentication Framework . International Telecommunications Union , Geneva, Switzerland .]] Itu. 1993. Recommendation X.509---the Directory Authentication Framework. International Telecommunications Union, Geneva, Switzerland.]]"},{"key":"e_1_2_1_8_1","doi-asserted-by":"crossref","unstructured":"Kent S. 1993. Privacy Enhancement for Internet Electronic Mail: Part II: Certificate-Based Key Management. RFC 1422. Available from ftp:\/\/ftp.rfc-editor.org\/in-notes\/rfc1422.txt.]]   Kent S. 1993. Privacy Enhancement for Internet Electronic Mail: Part II: Certificate-Based Key Management. RFC 1422. Available from ftp:\/\/ftp.rfc-editor.org\/in-notes\/rfc1422.txt.]]","DOI":"10.17487\/rfc1422"},{"key":"e_1_2_1_9_1","volume-title":"Proceedings of the 1982 IEEE Symposium on Privacy and Security","author":"Lipner S.","year":"1982","unstructured":"Lipner , S. 1982 . Non-discretionary controls for commercial applications . In Proceedings of the 1982 IEEE Symposium on Privacy and Security , Oakland, CA. 2--10.]] Lipner, S. 1982. Non-discretionary controls for commercial applications. In Proceedings of the 1982 IEEE Symposium on Privacy and Security, Oakland, CA. 2--10.]]"},{"key":"e_1_2_1_10_1","unstructured":"Oakley. 2003. Yolo County Clerk-Recorder. Available at http:\/\/www.yolorecorder.org.]]  Oakley. 2003. Yolo County Clerk-Recorder. Available at http:\/\/www.yolorecorder.org.]]"}],"container-title":["ACM Transactions on Information and System Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1042031.1042035","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1042031.1042035","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T22:43:15Z","timestamp":1750286595000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1042031.1042035"}},"subtitle":["A model for record security"],"short-title":[],"issued":{"date-parts":[[2004,11,11]]},"references-count":9,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2004,11,11]]}},"alternative-id":["10.1145\/1042031.1042035"],"URL":"https:\/\/doi.org\/10.1145\/1042031.1042035","relation":{},"ISSN":["1094-9224","1557-7406"],"issn-type":[{"type":"print","value":"1094-9224"},{"type":"electronic","value":"1557-7406"}],"subject":[],"published":{"date-parts":[[2004,11,11]]},"assertion":[{"value":"2004-11-11","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}