From Trusted to Secure: Building and Executing Applications that Enforce System Security

USENIX 2007 - 2007 USENIX Annual Technical Conference

Volumn , Issue , 2007, Pages 205-218

  Hicks, Boniface ^a   Rueda, Sandra ^a   Jaeger, Trent ^a   McDaniel, Patrick ^a  

^a PENNSYLVANIA STATE UNIVERSITY   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

COMMERCIAL OPERATING SYSTEMS; DATA CONFIDENTIALITY; DATA INTEGRITY; ENFORCER SYSTEM; MANDATORY ACCESS CONTROL; SECURITY LEVEL; SENSITIVE DATAS; SYSTEM SECURITY; SYSTEM SERVICES; SYSTEM-WIDE DATA;

SENSITIVE DATA;

EID: 34548017123     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (37)

1. A. Askarov and A. Sabelfeld. Secure Implementation of Cryptographic Protocols: A Case Study of Mutual Distrust. In Proceedings of the 10th European Symposium on Research in Computer Security (ESORICS-05), Milan, Italy, September 2005.
2. P. Barham, B. Dragovic, K. Fraser, S. Hand, T. Harris, A. Ho, R. Neugebauer, I. Pratt, and A. Warfield. Xen and the art of virtualization. In Proceedings of the Symposium on Operating Systems Principles (SOSP), October 2003.
3. D. E. Bell and L. J. LaPadula. Secure computer system: Unified exposition and Multics interpretation. Technical Report ESD-TR-75-306, Deputy for Command and Management Systems, HQ Electronic Systems Division (AFSC), L. G. Hanscom Field, Bedford, MA, March 1976.
4. K. J. Biba. Integrity Considerations for Secure Computer Systems. Technical Report ESD-TR-76-372, USAF Electronic Systems Division, Bedford, MA, April 1977. (Also available through National Technical Information Service, Springfield Va., NTIS AD-A039324.).
5. E. Bonelli, A. Compagnoni, and R. Medel. Non-interference for a typed assembly language. In Proceedings of the LICS-05 Affiliated Workshop on Foundations of Computer Security (FCS). IEEE Computer Society Press, 2005.
6. S. Chong and A. Myers. Decentralized robustness. In Proceedings of the 19th IEEE Computer Security Foundations Workshop (CSFW), Venice, Italy, July 2006.
7. D. Denning. A lattice model of secure information flow. Communications of the ACM, 19(5):236-242, 1976.
8. S.W. Devine, E. Bugnion, and M. Rosenblum. Virtualization system including a virtual machine monitor for a computer with a segmented architecture. VMWare, Inc., October 1998. US Patent No. 6397242.
9. FreeBSD Foundation. SEBSD: Port of SELinux FLASK and type enforcement to TrustedBSD. http://www.trustedbsd.org/sebsd.html.
10. J. A. Goguen and J. Meseguer. Security policies and security models. In Proceedings of the IEEE Symposium on Security and Privacy, pages 11-20, April 1982.
11. Chad Hanson. Selinux and mls: Putting the pieces together. In Proceedings of the 2nd Annual SELinux Symposium, 2006.
12. B. Hicks, K. Ahmadizadeh, and P. McDaniel. From Languages to Systems: Understanding Practical Application Development in Security-typed Languages. In Proceedings of the 22nd Annual Computer Security Applications Conference (ACSAC 2006), Miami, FL, December 11-15 2006.
13. B. Hicks, D. King, P. McDaniel, and M. Hicks. Trusted declassification: High-level policy for a security-typed language. In Proceedings of the 1st ACM SIGPLAN Workshop on Programming Languages and Analysis for Security (PLAS-06), Ottawa, Canada, June 10 2006. ACM Press.
14. Boniface Hicks, Sandra Rueda, Luke St. Clair, Trent Jaeger, and Patrick McDaniel. A logical specification and analysis for SELinux MLS policy. In Proceedings of the ACM Symposium on Access Control Models and Technologies (SACMAT), Antipolis, France, June 2007.
15. T. Jaeger, A. Edwards, and X. Zhang. Policy management using access control spaces. ACM Trans. Inf. Syst. Secur., 6(3):327-364, 2003.
16. L. Lam and T. Chiuch. A general dynamic information flow tracking framework for security applications. In Applied Computer Security Associates ACSAC, 2006.
17. P. Li and S. Zdancewic. Practical Information-flow Control in Web-based Information Systems. In Proceedings of 18th IEEE Computer Security Foundations Workshop. IEEE Computer Society Press, 2005.
18. H. Mantel and A. Sabelfeld. A Unifying Approach to the Security of Distributed and Multi-Threaded Programs. Journal of Computer Security, 2002.
19. R. Meushaw and D. Simard. Nettop - commercial technology in high assurance applications, 2000. http://www.vmware.com/pdf/TechTrendNotes.pdf.
20. Sun Microsystems. Solaris trusted extensions. http://www.sun.com.
21. Sun Microsystems. Trusted solaris operating environment - a technical overview. http://www.sun.com.
22. A. C. Myers. Mostly-Static Decentralized Information Flow Control. Technical Report MIT/LCS/TR-783, Massachussetts Institute of Technology, January 1999. Ph.D. thesis.
23. A. C. Myers, N. Nystrom, L. Zheng, and S. Zdancewic. Jif: Java + information flow. Software release. Located at http://www.cs.cornell.edu/jif, July 2001.
24. Andrew C. Myers and Barbara Liskov. Protecting privacy using the decentralized label model. ACM Transactions on Software Engineering and Methodology, 9(4):410-442, 2000.
25. Security-enhanced Linux. http://www.nsa.gov/selinux.
26. F. Pottier and V. Simonet. Information Flow Inference for ML. In Proceedings ACM Symposium on Principles of Programming Languages, pages 319-330, January 2002.
27. A. Sabelfeld and A. C. Myers. Language-Based Information-Flow Security. IEEE Journal on Selected Areas in Communications, 21(1):5-19, January 2003.
28. Andrei Sabelfeld and David Sands. Dimensions and principles of declassification. In Proceedings of the IEEE Computer Security Foundations Workshop, Aix-en-Provence, France, June 2005.
29. G. Sally. Embedded Java with GCJ. Linux Journal, (145), May 2006.
30. B. Sarna-Starosta and S.D. Stoller. Policy analysis for security-enhanced linux. In Proceedings of the 2004 Workshop on Issues in the Theory of Security (WITS), pages 1-12, April 2004. Available at http://www.cs.sunysb.edu/~stoller/WITS2004.html.
31. U. Shankar, T. Jaeger, and R. Sailer. Toward automated information-flow integrity verification for security-critical applications. In Proceedings of the 2006 ISOC Networked and Distributed Systems Security Symposium (NDSS-06), San Diego, CA, USA, February 2006.
32. S. Smalley, C. Vance, and W. Salamon. Implementing SELinux as a linux security module. Technical Report 01-043, NAI Labs, 2001.
33. G. Smith and D. Volpano. Secure Information Flow in a Multi-Threaded Imperative Language. In Proceedings ACM Symposium on Principles of Programming Languages, pages 355-364, San Diego, California, January 1998.
34. R. Spencer, S. Smalley, P. Loscocco, M. Hibler, D. Andersen, and J. Lapreau. The Flask architecture: System support for diverse security policies. In Proceedings of the 8th USENIX Security Symposium, pages 123-139, August 1999.
35. Christopher Vance, Todd Miller, and Rob Dekelbaum. Security-Enhanced Darwin: Porting SELinux to Mac OS X. In Proceedings of the Third Annual Security Enhanced Linux Symposium, Baltimore, MD, USA, March 2007.
36. D. Volpano, G. Smith, and C. Irvine. A sound type system for secure flow analysis. 4(3):167-187, 1996.
37. L. Zheng, S. Chong, A. C. Myers, and S. Zdancewic. Using Replication and Partitioning to Build Secure Distributed Systems. In Proceedings of the IEEE Symposium on Security and Privacy, 2003, pages 236-250, 2003.