Labels and event processes in the asbestos operating system

Operating Systems Review (ACM)

Volumn 39, Issue 5, 2005, Pages 17-30

  Efstathopoulos, Petros ^a   Krohn, Maxwell ^b   VanDeBogart, Steve ^a   Frey, Cliff ^b   Ziegler, David ^b   Kohler, Eddie ^a   Mazières, David ^c   Kaashoek, Frans ^a   Morris, Robert ^a  

^a UNIVERSITY OF CALIFORNIA   (United States)

^b MASSACHUSETTS INSTITUTE OF TECHNOLOGY   (United States)

^c NEW YORK UNIVERSITY   (United States)

Author keywords

Event processes; Information flow; Labels; Mandatory access control; Secure Web servers

Indexed keywords

EVENT PROCESSES; INFORMATION FLOW; MANDATORY ACCESS CONTROL; SECURE WEB SERVERS;

COMPUTER SOFTWARE; COMPUTER SYSTEM RECOVERY; INFORMATION ANALYSIS; RAPID PROTOTYPING; SECURITY OF DATA; USER INTERFACES;

COMPUTER OPERATING SYSTEMS;

EID: 33845414042     PISSN: 01635980     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1095809.1095813     Document Type: Article

References (46)

1. Apache API notes, http://httpd.apache.org/docs/1.3/misc/API.html.
2. Apache HTTP server project, http://httpd.apache.org.
3. David E. Bell and Leonard La Padula. Secure computer system: Unified exposition and Multics interpretation. Technical Report MTR-2997, Rev. 1, MITRE Corp., Bedford, MA, March 1976.
4. Viktors Berstis. Security and protection of data in the IBM System/38. In Proc. 7th Annual Symposium on Computer Architecture (ISCA '80), pp. 245-252, May 1980.
5. M. Branstad, Homayoon Tajalli, Frank Mayer, and David Dalva. Access mediation in a message passing kernel. In Proc. 1989 IEEE Symposium on Security and Privacy, pp. 66-72, Oakland, CA, May 1989.
6. David R. Cheriton. The V distributed system. Journal of the ACM, 31(3):314-33, March 1988.
7. Dorothy E. Denning. A lattice model of secure information flow. Communications of the ACM, 19(5):236-243, May 1976.
8. Dorothy E. Denning and Peter J. Denning. Certification of programs for secure information flow. Communications of the ACM, 20(7):504-513, July 1977.
9. Department of Defense. Trusted Computer System Evaluation Criteria (Orange Book), December 1985. DoD 5200.28-STD.
10. Timothy Fraser. LOMAC: Low water-mark integrity protection for COTS environments. In P roc. 2000 IEEE Symposium on Security and Privacy, pp. 230-245, Oakland, CA, May 2000.
11. R. P. Goldberg. Architecture of virtual machines. In Proc. AFIPS National Computer Conference, Vol. 42, pp. 309-318, June 1973.
12. Norman Hardy. The confused deputy (or why capabilities might have been invented). Operating Systems Review, 22(4):36-38, October 1988.
13. Wei-Ming Hu. Reducing timing channels with fuzzy time. In Proc. 1991 IEEE Symposium on Security and Privacy, pp. 8-20, Oakland, CA, May 1991.
14. Trent Jaeger, Atul Prakash, Jochen Liedtke, and Nayeem Islam. Flexible control of downloaded executable content. ACM Transactions on Information and System Security, 2(2): 177-228, May 1999.
15. Paul A. Karger. Limiting the damage potential of discretionary Trojan horses. In Proc. 1987 IEEE Symposium on Security and Privacy, pp. 32-37, Oakland, CA, April 1987.
16. Paul A. Karger and Andrew J. Herbert. An augmented capability architecture to support lattice security and traceability of access. In Proc. 1984 IEEE Symposium on Security and Privacy, pp. 2-12, Oakland, CA, April 1984.
17. Paul A. Karger, Mary Ellen Zurko, Douglas W. Bonin, Andrew H. Mason, and Clifford E. Kahn. A VMM security kernel for the VAX architecture. In Proc. 1990 IEEE Symposium on Security and Privacy, pp. 2-19, Oakland, CA, May 1990.
18. Key Logic. The KeyKOS/KeySAFE System Design, March 1989. SEC009-01. http://www.agorics.com/Library/KeyKos/keysafe/Keysafe.html.
19. Samuel T. King and Peter M. Chen. Operating system support for virtual machines. In Proc. 2003 USENIX Annual Technical Conference, San Antonio, TX, June 2003.
20. Maxwell Krohn. Building secure high-performance web services with OKWS. In Proc. 2004 USENIX Annual Technical Conference, pp. 185-198, Boston, MA, June 2004.
21. Maxwell Krohn, Petros Efstathopoulos, Cliff Frey, Frans Kaashoek, Eddie Kohler, David Mazières, Robert Morris, Michelle Osborne, Steve VanDeBogart, and David Ziegler. Make least privilege a right (not a privilege). In Proc. 10th Hot Topics in Operating Systems Symposium (HotOS-X), Santa Fe, NM, June 2005.
22. Carl E. Landwehr. Formal models for computer security. ACM Computing Surveys, 13(3):247-278, September 1981.
23. Robert Lemos. Payroll site closes on security worries, February 2005. http://news.com.com/2102-1029-3-5587859.html.
24. Jochen Liedtke. On microkernel construction. In Proc. 15th ACM Symposium on Operating Systems Principles, Copper Mountain Resort, CO, December 1995.
25. Peter Loscocco and Stephen Smalley. Integrating flexible support for security policies into the Linux operating system. In Proc. 2001 USENIX Annual Technical Conference - FREENIX Track, pp. 29-40, June 2001.
26. LWIP. http://savannah.nongnu.org/projects/lwip/.
27. Catherine Jensen McCollum, Judith R. Messing, and LouAnna Notargiacomo. Beyond the pale of MAC and DAC - defining new forms of access control. In Proc. 1990 IEEE Symposium on Security and Privacy, pp. 190-200, Oakland, CA, May 1990.
28. M. Douglas McIlroy and James A. Reeds. Multilevel security in the UNIX tradition. Software - Practice and Experience, 22(8):673-694, August 1992.
29. Mark S. Miller, Ka-Ping Yee, and Jonathan Shapiro. Capability myths demolished. Technical Report SRL2003-02, Johns Hopkins University Systems Research Laboratory, 2003. http://www.erights.org/elib/capability/duals/.
30. James G. Mitchell, Jonathan Gibbons, Graham Hamilton, Peter B. Kessler, Yousef Y. A. Khalidi, Panos Kougiouris, Peter Madany, Michael N. Nelson, Michael L. Powell, and Sanjay R. Radia. An overview of the Spring system. In Proc. COMPCON 1994, pp. 122-131, February 1994.
31. Andrew C. Myers and Barbara Liskov. Protecting privacy using the decentralized label model. ACM Transactions on Computer Systems, 9(4):410-442, October 2000.
32. News10. Hacker accesses thousands of personal data files at CSU Chico, March 2005. http://www.news10.net/storyfulll.asp?id=9784.
33. Vivek S. Pai, Peter Druschel, and Willy Zwaenepoel. Flash: An efficient and portable Web server. In Proc. 1999 USENIX Annual Technical Conference, pp. 199-212, Monterey, CA, June 1999.
34. Rob Pike, Dave Presotto, Scan Dorward, Bob Flandrena, Ken Thompson, Howard Trickey, and Phil Winterbottom. Plan 9 from Bell Labs. Computing Systems, 8(3):221-254, Summer 1995.
35. Richard F. Rashid and George G. Robertson. Accent: A communication oriented network operating system kernel. In Proc. 8th ACM Symposium on Operating Systems Principles, pp. 64-75, Pacific Grove, CA, December 1981.
36. Marc Rozier, Vadim Abrossimov, François Armand, I. Boule, Michel Gien, M. Guillemont, F. Herrmann, Claude Kaiser, S. Langlois, P. Leonard, and W. Neuhauser. CHORUS distributed operating system. Computing Systems, 1:305-370, Fall 1988.
37. Jerome H. Saltzer and Michael D. Schroeder. The protection of information in computer systems. Proc. of the IEEE, 63(9): 1278-1308, September 1975.
38. Bruce Schneier. Description of a new variable-length key, 64-bit block cipher (Blowfish). In Proc. Fast Software Encryption, Cambridge Security Workshop, pp. 191-204. Springer-Verlag, December 1993. LNCS 809.
39. Jonathan S. Shapiro, Jonathan Smith, and David J. Farber. EROS: A fast capability system. In Proc. 17th ACM Symposium on Operating Systems Principles, pp. 170-185, Kiawah Island, SC, December 1999.
40. SQLite. http://www.sqlite.org.
41. Andrew S. Tanenbaum, Robbert van Renesse, Hans van Staveren, Gregory J. Sharp, Sape J. Mullender, Jack Jansen, and Guido van Rossum. Experiences with the Amoeba distributed operating system. Communications of the ACM, 33(12):46-63, December 1990.
42. VMware. VMware and the National Security Agency team to build advanced secure computer systems, January 2001. http://www.vmware.com/pdf/TechTrendNotes. pdf.
43. Rob von Behren, Jeremy Condit, Feng Zhou, George C. Necula, and Eric Brewer. Capriccio: Scalable threads for Internet services. In Proc. 19th ACM Symposium on Operating Systems Principles, pp. 268-281, Bolton Landing, Lake George, NY, October 2003.
44. Robert Watson, Wayne Morrison, Chris Vance, and Brian Feldman. The TrustedBSD MAC framework: Extensible kernel access control for FreeBSD 5.0. In Proc. 2003 USENIX Annual Technical Conference, pp. 285-296, San Antonio, TX, June 2003.
45. Matt Welsh, David Culler, and Eric Brewer. SEDA: An architecture for well-conditioned, scalable Internet services. In Proc. 18th ACM Symposium on Operating Systems Principles, pp. 230-243, Château Lake Louise, Alberta, Canada, October 2001.
46. Andrew Whitaker, Marianne Shaw, and Steven D. Gribble. Scale and performance in the Denali isolation kernel. In Proc. 5th Symposium on Operating Systems Design and Implementation (OSDI '02), pp. 195-210, Boston, MA, December 2002.