NIST Computer Security Resource Center History of Computer Security

Security Models

• Multilevel Security
• Bell-LaPadula (Confidentiality)
• Biba (Integrity)
• Graham-Denning
• Clark-Wilson (Integrity)
• Harrison-Ruzzo-Ullman
• Take-Grant

Approaches to Access Control

• Discretionary Access Control (DAC)
• Mandatory Access Control (MAC)
• Role-Based Access Control (RBAC)
• Lattice-Based Access Control (LBAC)

An Introduction to the Common Criteria

Secure Computer Systems: Mathematical Foundations
The paper that introduced the Bell-La Padula Model.

Looking Back at the Bell-La Padula Model
David Bell reviews the security principles discussed in the Bell-La Padula Model in historical and present context.

What is the difference between viruses, worms, and Trojans?
A good article describing the basic characteristics of several types of malware.

The ID theft protection racket
An interesting article describing the pitfalls of using identity theft protection services.

SANS InfoSec Reading Room - Penetration Testing
A set of white papers written by students pursuing GIAC certification

Seminal Papers: University of California - Davis

Hiistory of Computer Security

Computer Security History Project - Seminal Papers
Classic papers in computer security, including Anderson, Bell-LaPadula, Orange Book, Multics papers, and more)