Embedding security policies into a distributed computing environment

Operating Systems Review (ACM)

Volumn 33, Issue 2, 1999, Pages 51-64

  Halfmann, Udo ^a   Kühnhauser, Winfried E ^a  

^a FRAUNHOFER INSTITUTE FOR APPLIED INFORMATION TECHNOLOGY FIT   (Germany)

Author keywords

Custodian; DCE; Distributed computing environment; Information domain; Micro kernel; Multipolicy system; Policy domain; Policy persistency; Policy separation; Reference monitor; Security policy

Indexed keywords

EID: 0009423019     PISSN: 01635980     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/311094.311105     Document Type: Article

References (21)

1. D.E. Bell and L.J. LaPadula. Secure Computer System: Unified Exposition and Multics Interpretation. Technical Report AD-A023 588, MITRE, March 1976.
2. David F.C. Bewer and Michael J. Nash. The Chinese Wall Security Policy. In. Proceedings of the IEEE Symposium on Security and Privacy, pages 206-214. IEEE Computer Society Press, May 1989.
3. Ciarán Bryce. Security Engineering of Lattice-Based Policies. In Proceedings of the Computer Security Foundations Workshop, pages 195-207, Rockport, Massachusetts, 1997. IEEE Press.
4. NIST (USA), CSE (Canada), BSI (Germany), NNCSA (The Netherlands), NSA (USA), CESG (UK), SCSSI (France). Common Criteria for Information Technology Security Evaluation, Version 2.0, May 1998.
5. David D. Clark and David R. Wilson. A Comparsion of Commercial and Military Computer Security Policies. In Proceedings of the IEEE Symposium on Security and Privacy, pages 184-194. IEEE Computer Society, April 1987.
6. Dorothy E. Denning. A Lattice Model of Secure Information Flow. Communications of the ACM, 19(5):236-242, May 1976.
7. A. Diller. Z: An Introduction to Formal Methods. John Wiley and Sons, 1990.
8. Defense Information Systems Agency. Technical Architecture Framework for Information Management, Volume 6: Department of Defense Goal Security Architecture, 30. April 1996. Version 3.0.
9. Hermann Härtig, Winfried E. Kühnhauser, and Oliver C. Kowalski. The BirliX Security Architecture. Journal of Computer Security, IOS Press, 2(1):5-21, 1993.
10. Michael A. Harrison, Walter L. Ruzzo, and Jeffrey D. Ullman. Protection in Operating Systems. Communications of the ACM, 19(8):461-471, August 1976.
11. Winfried E. Kühnhauser and Martin Protzen. An Automatic Code Generator for Skippy Types. GMD Technical Report (to appear), German National Research Center for Information Technology, St. Augustin, Germany, 1999.
12. Winfried E. Kühnhauser. A Paradigm for User-Defined Security Policies. In Proceedings of the 14th IEEE Symposium on Reliable Distributed Systems, pages 135-144, Bad Neuenahr, Germany, September 1995. IEEE Computer Society Press.
13. Winfried E. Kühnhauser. A Classification of Interdormain Actions. Operating Systems Review, 32(4):47-61, October 1998.
14. Wolfgang Lux. Integrating Custodians into OSF-DCE. In Proceedings of the Workshop on Anwendungsunterstützung für heterogene Rechnernetze, Freiberg, Germany, March 1995. Technical University of Freiberg Press.
15. Spencer E. Minear. Providing Policy Control Over Object Operations in a Mach Based System. In Proceedings of the fifth USENIX UNIX Security Symposium, pages 141156. USENIX Association, 1995.
16. Duane Olawski, Todd Fine, Edward Schneider, and Ray Spencer. Developing and Using a "Policy Neutral" Access Control Policy. In Proceedings of the New Security Paradigms Workshop, pages 60-67. ACM SIG on Security, Audit, and Control, ACM Press, 1996.
17. Open Software Foundation. OSF DCE 1.0 Application Development Guide, 1992.
18. Ravi S. Sandhu. A Lattice Interpretation of the Chinese Wall Policy. In Proceedings of the 15th National Computer Security Conference, pages 329-339. NIST-NCSC, United States Government Printing Office: 1992-625-512:60546, 1992.
19. Ravi S. Sandhu. The Typed Access Matrix Model. In Proceedings of the IEEE Symposium on Security and Privacy, pages 122-136. IEEE Computer Society, May 1992.
20. Susann Sonntag, Hermann Härtig, Oliver Kowalski, Winfried E. Kühnhauser, and Wolfgang Lux. Adaptability Using Reflection. In Proceedings of the Hawaii International Conference on System Sciences, 1994.
21. William A. Wulf, Chenxi Wang, and Darrell M. Kienzle. A New Model of Security for Distributed Systems. In Proceedings of the New Security Paradigms Workshop, pages 34-43. ACM SIG on Security, Audit, and Control, ACM Press, 1996.