Matt,

You will find lots of references that might appeal to your needs in an emerging DARPA report on my web site:
http://www.csl.sri.com/neumann/chats4.pdf

There's an appendix by Virgil Gligor that might be very helpful to you, which does not yet appear in the html (but will as soon as I move the .eps files to .gif...).

But start with the principles, e.g., Saltzer and Schroeder 1975.

And don't try to look at security as an isolated problem -- it is an overall system problem, and there are lots of papers on software decomposition, composability, modularity, etc. that are fundamental to security. You might also try Matt Bishop's book, with lots of references.

PGN