References
- Bell, D.E. and LaPadula, L. (1973), Secure Computer Systems: Mathematical Foundations and Model, Technical Report M74-244, MITRE Corp., Bedford, MA, 1973.
- Biba, K.J. (1977), Integrity Considerations for Secure Computer Systems, Technical Report ESD-TR-76-372, MITRE Corp., 1977.
- Common Criteria for Information Technology Security Evaluation, Parts 1, 2, and 3. Version 3.1, CCMB2017-04-001, CCMB2017-04-002, and CCMB2017-04-003, April 2017.
- Denning, D.E. (1976), A lattice model of secure information flow, Communications of the ACM, 1976. 19(5), p. 236-243. https://doi.org/10.1145/360051.360056
- Freitas, L. (2004), Proving Theorems with Z/Eves, University of Kent, July 2004.
- Java Card Applet Developer's Guide, Sun Microsystems, Inc., 1998
- Katoen, J. (1998), Concepts, algorithms and tools for model checking, Lecture Notes 1998/1999, chapt. 1: System Validation.
- Karger, P.A., Austel, V., and Toll, D. (2000), A new mandatory security policy combining secrecy and integrity, RC 21717, IBM Research Division, T. J. Watson Research Center, Yorktown Heights, NY, 15 March 2000.
- Markantonakis, Konstantinos; Akram, Raja Naeem (2017), Multi-Application Smart Card Platforms and Operating Systems, Springer International Publishing, May 2017, ISBN: 978-3-319-50500-8, pp59-92
- Meisels, Irwin and Saaltink, Mark (1997), The Z/EVES Reference Manual (for Version 1.5), TR-97-5493-03d, ORA Canada, 1997.
- Morimoto, S., Shigematsu, S., Goto, Y., and Cheng, J. (2007), Formal verification of security specifications with common criteria, Proc. of the 2007 ACM Symposium on Applied Computing, pages 1506-1512.
- Rushby, J. (1986), The Bell and La Padula security model, SRI International, Draft Technical Note of June 20 1986, [Online]. Available: http://www.csl.sri.com/users/rushby/biblio.html
- Rushby, J. (1992), Noninterference, transitivity, and channel- control security policies, SRI International, Tech. Rep. CSL-92-02, Dec 1992.
- Rushby, J. (2013), Logic and Epistemology in Safety Cases, Computer Safety, Reliability, and Security: Proceedings of Safe-Comp 32, Toulouse, France, September 2013, Springer LNCS 8153, pp. 1-7.
- Schellhorn, G., Reif, W., Schairer, A., Karger, P., Austel, V., and Toll, D. (2000), Verification of a formal security model for multiapplicative smart cards, In Proc. of the 6th European Symposium on Research in Computer Security (ESORICS), LNCS 1895 Springer, 2000.
- Toll, D. C., Karger, P. A., Palmer, E. R., McIntosh, S. K., Weber, S. (2008), The Caernarvon Secure Embedded Operating System, Operating Systems Rev., 42(1), 2008, pp. 32-39. https://doi.org/10.1145/1341312.1341320
- Woodcock, J. and Davies, J. (1996), Using Z: Specification, Refinement, and Proof. Prentice-Hall International Series in Computer Science, 1996. ISBN: 978-0-13-948472-8
- Wolfgang Rankl and Wolfgang Effing (2003), Smart Card Handbook, Third Edition, Wiley, 2003, ISBN: 0-470-85668-8