A unified security framework for networked applications

Proceedings of the ACM Symposium on Applied Computing

Volumn , Issue , 2003, Pages 351-357

  Abendroth, Joerg ^a   Jensen, Christian D ^b  

^a TRINITY COLLEGE DUBLIN   (Ireland)

^b TECHNICAL UNIVERSITY OF DENMARK   (Denmark)

Author keywords

Access control; Active software capabilities; Policy models

Indexed keywords

BINARY CODES; COMPUTER PROGRAMMING; COMPUTER SOFTWARE; SERVERS;

ACCESS CONTROL;

SECURITY OF DATA;

EID: 0037999031     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/952589.952602     Document Type: Conference Paper

References (31)

1. D. Bell and L. LaPadula. Secure computer systems: Mathematical foundations and model. Report MTR 2547 v2, MITRE, November 1973.
2. M. Burnside, D. Clarke, T. Mills, D. Devadas, and R. Rivest. Proxy-based security protocols in networked mobile devices. In Proceedings of the ACM Symposium on Applied Computing, March 2002. (to appear).
3. D. Clark and D. Wilson. A comparison of commercial and military computer security policies. In IEEE Symposium on Security and Privacy, pages 184-194, 1987.
4. C. O'Halloran. A calculus of information flow. In ESORICS 90, pages 147-159, 1990.
5. J. Daemen and V. Rijmen. Aes proposal: Rijndael, 1998.
6. D. Denning. A lattice model of secure information flow. Communications of the ACM, 19(5):236-243, May 1976.
7. R. S. Fabry. Capability-based adressing. Communications of the ACM, 17(7):403-412, July 1974.
8. L. Gong. A secure identity-based capability system. In Proceedings of the IEEE Symposium on Security and Privacy, pages 56-63, 1989.
9. D. Hagimont, J. Mossiere, X. R. de Pina, and F. Saunier. Hidden software capabilities. In International Conference on Distributed Computing Systems, pages 282-289, 1996.
10. M. A. Harrison, W. L. Ruzzo, and J. D. Ullman. Protection in operating systems. Communications of the ACM, 19(8):461-471, 1976.
11. S. Jajodia, P. Samarati, V. S. Subrahmanian, and E. Bertino. A unified framework for enforcing multiple access control policies. In J. Peckham, editor, SIGMOD International Conference on Management of Data, pages 474-485. ACM Press, 1997.
12. C. Jensen and D. Hagimont. Protection reconfiguration for reusable software. In Second Euromicro Conference on Software Maintenance and Reengeneering, pages 74-81, Florence, Italy, March 1998.
13. P. A. Karger and A. J. Herbert. An augmented capability architecture to support lattice security and traceability of access. In IEEE Symposium on Security and Privacy, pages 2-12, 1984.
14. J. Kohl and C. Neuman. The kerberos network authentication service (v5). RFC 1510, Digital Equipment Corporation/ISI, September 1993.
15. H. M. Levy. Capability-Based Computer Systems. Digital Press, Bedford, Massachusetts, 1984.
16. D. A. Marriott, M. S. Sloman, and N. Yialelis. Management policy service for distributed systems. Technical Report DoC 95/10, Imperial College, London, 1995.
17. D. B. Marvin M.Theimer, David A.Nichols. Delegation through access control programs. In 12th International Conference on Distributed Computing Systems, pages 529-536, 1992.
18. S. Microsystems. Jini™ architecture specification, version 1.2, December 2001.
19. B. C. Neumann. Proxy-based authorisation and accounting for distributed systems. In Proceedings of the 13th International Conference on Distributed Computing Systems, pages 283-291, May 1993.
20. T. S. S. of ITU. Information Technology - Opens Systems Interconnection - The Directory: Authentication Framework X.509. International Telecomunication Union, 1993. Standard international ISO/IEC 9594-8 : 1995 (E).
21. Ryan and Schneider. Process algebra and non-interference. In Proceedings of The 12th Computer Security Foundations Workshop. IEEE Computer Society Press, 1999.
22. R. S. Sandhu, E. J. Coyne, and H. L. F. and Charles E. Youman. Role-based access control models. IEEE Computer, 29(2):38-47, 1996.
23. B. Schneier, Description of a new variable-length key, 64-bit block cipher (Blowfish). Lecture Notes in Computer Science, 809:191-204, 1994.
24. M. Shapiro. Structure and encapsulation in distributed systems: The proxy principle. In Proceedings of the 6th International Conference on Distributed Computer Systems, pages 198-204, 1986.
25. B. C. N. J. G. Steiner and J. I. Schiller, Kerberos: An authentication service for open network systems. In Winter 1988 USENIX Conference, pages 191-201, Dallas, TX, 1988.
26. I. Technologies. The iona iportal application server. Technical report, IONA Technologies, 1999.
27. M. Thompson, S. M. W Johnston, G. Hoo, K. Jackson, and A. Essiari. Certificate-based access control for widely distributed resources. In Proceedings of the Eighth USENIX Security Symposium, pages 215-228, 1999.
28. W. L. Tin Qian. Active capability: An application specific security and protection model. Technical report, University of Illinois at Urbana-Champaign, 1996.
29. T. D. Took. An extensible framework for authentication and delegation. Master's thesis, University of Illinois at Urbana-Champaign, 1994.
30. H. Wong. Developing Jini[TM] Applications Using Java 2[TM]. Addison Wesley Longman, 2001.
31. N. Yialelis and M. Sloman. A security framework supporting domain based access control in distributed systems. ISOC Symposium on Network and Distributed Systems Security, 1996.