Shamon: A system for distributed mandatory access control

Proceedings - Annual Computer Security Applications Conference, ACSAC

Volumn , Issue , 2006, Pages 23-32

  McCune, Jonathan M ^a   Jaeger, Trent ^b   Berger, Stefan ^c   Cáceres, Ramón ^c   Sailer, Reiner ^c  

^a CARNEGIE MELLON UNIVERSITY   (United States)

^b PENNSYLVANIA STATE UNIVERSITY   (United States)

^c IBM T J WATSON RESEARCH CENTER   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

SHARED REFERENCE MONITOR (SHAMON); XEN HYPERVISOR;

COMPUTATION THEORY; COMPUTER OPERATING SYSTEMS; DISTRIBUTED COMPUTER SYSTEMS; VIRTUAL REALITY;

ACCESS CONTROL;

EID: 38049045448     PISSN: 10639527     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/ACSAC.2006.47     Document Type: Conference Paper

References (40)

1. M. Abadi, E. Wobber, M. Burrows, and B. Lampson. Authentication in the Taos operating system. In Proceedings of the ACM Symposium on Operating System Principles, 1993.
2. D. P. Anderson. BOENC: A system for public-resource computing and storage. In Proceedings of the Workshop on Grid Computing, Nov. 2004.
3. D. P. Anderson, J. Cobb, E. Korpela, M. Lebofsky, and D. Werthimer. SETI@Home: An experiment in public-resource computing. Communications of the ACM, 45(11):56-61, 2002.
4. W. A. Arbaugh, D. J. Farber, and J. M. Smith. A secure and reliable bootstrap architecture. In Proceedings of the IEEE Symposium on Security and Privacy, May 1997.
5. P. Barham, B. Dragovic, K. Fraser, S. Hand, T. Harris, A. Ho, R. Neugebauer, I. Pratt, and A. Warfield. Xen and the art of virtualization. In Proceedings of the ACM Symposium on Operating Systems Principles, Oct. 2003.
6. E. Belani, A. Vahdat, T. Anderson, and M. Dahlin. The CRISIS wide area security architecture. In Proceedings of the USENIX Security Symposium, Jan. 1998.
7. D. E. Bell and L. J. LaPadula. Secure computer systems: Mathematical foundations and model. Technical ReportESD-TR-75-306, The Mitre Corporation, Air Force Electronic Systems Division, Hanscom AFB, Badford, MA, 1976.
8. D. E. Bell and L. J. LaPadula. Secure computer systems: Unified exposition and multics interpretation. Technical report, MITRE MTR-2997, March 1976.
9. S. Berger, R. Cáceres, K. Goldman, R. Sailer, and L. van Doom. vTPM: Virtualizing the Trusted Platform Module. In Proceedings of the USENIX Security Symposium, July 2006.
10. M. Blaze, J. Feigenbaum, J. Ioannidis, and A. D. Keromytis. The keynote trust-management system, version 2. IETF RFC 2704, Sept. 1999.
11. W. E. Boebert and R. Y. Kain. A practical alternative to heirarchical integrity policies. In Proceedings of the National Computer Security Conference, 1985.
12. D. F. C. Brewer and M. J. Nash. The Chinese wall security policy. In Proceedings of the IEEE Symposium on Security and Privacy, 1989.
13. C. M. Ellison, B. Frantz, B. Lampson, R. L. Rivest, B. M. Thomas, and T. Ylonen. SPKI certificate theory. IETF RFC 2693, Sept. 1999.
14. I. Foster, C. Kesselman, and S. Tuecke. The anatomy of the grid: Enabling scalable virtual organizations. Supercomputer Applications, 15(3), 2001.
15. T. Garfinkel, B. Pfaff, J. Chow, M. Rosenblum, and D. Boneh. Terra: A virtual machine-based platform for trusted computing. In Proceedings of the ACM Symposium on Operating System Principles, October 2003.
16. IBM. Integrity measurement architecture for linux. http://www. sourceforge.net/projects/linux-ima.
17. T. R. Jaeger, S. Hallyn, and J. Latten. Leveraging IPSec for mandatory access control of linux network communications. Technical Report RC23642 (W0506-109), IBM, June 2005.
18. P. A. Karger, M. E. Zurko, D. W. Bonin, A. H. Mason, and C. E. Kahn. A retrospective on the VAX VMM security kernel. IEEE Transactions on Software Engineering, 17(11):1147-1165, 1991.
19. S. Kent and R. Atkinson. IP encapsulating security payload (ESP). IETF RFC 2406, Nov. 1998.
20. S. Kent and R. Atkinson. Security architecure for the internet protocol. IETF RFC 2401, Nov. 1998.
21. J. Kohl and C. Neuman. The Kerberos Network Authentication Service (V5). Internet Draft, Sept. 1992.
22. B. Lampson, M. Abadi, M. Burrows, and E. Wobber. Authentication in distributed systems: Theory and practice. ACM Transactions on Computer Systems (TOCS), 10(4):265-310, 1992.
23. N. Li, B. N. Grosof, and J. Feigenbaum. Delegation logic: A logic-based approach to distributed authorization. ACM Transactions on Information and System Security (TISSEC), 6(1):128-171, Feb. 2003.
24. N. Li and J. C. Mitchell. Understanding SPKI/SDSI using first-order logic. In Proceedings of the IEEE Computer Security Foundations Workshop, pages 89-103, June 2003.
25. R. Meushaw and D. Simard. NetTop: Commercial technology in high assurance applications. Tech Trend Notes, 9(4): 1-8, 2000.
26. Microsoft Corporation. Next generation secure computing base, http://www.microsoft.com/resources/ngscb/, May 2005.
27. Open Software Foundation. Introduction to OSF DCE. Prentice Hall, Englewood Cliffs, NJ, 1993.
28. N. L. Petroni, T. Fraser, J. Molina, and W. A. Arbaugh. Copilot - A coprocessor-based kernel runtime integrity monitor. In Proceedings of the USENIX Security Symposium, 2004.
29. T. T. Russell and M. Schaefer. Toward a high B level security architecture for the IBM ESZ3090 processor resource Z systems manager (PRZSM). In Proceedings of the National Computer Security Conference, Oct. 1989.
30. R. Sailer, T. Jaeger, E. Valdez, R. Cáceres, R. Perez, S. Berger, J. Griffin, and L. van Doom. Building a MACbased security architecture for the Xen opensource hypervisor. In Proceedings of the Annual Computer Security Applications Conference, Dec. 2005.
31. R. Sailer, X. Zhang, T. Jaeger, and L. van Doom. Design and implementation of a TCG-based integrity measurement architecture. In Proceedings of the USENIX Security Symposium, 2004.
32. M. Schaefer, B. Gold, R. Linde, and J. Scheid. Program confinement in KVMZ370. In Proceedings of the ACM National Conference, Oct. 1977.
33. E. Shi, A. Perrig, and L. V. Doom. BIND: A time-of-use attestation service for secure distributed systems. In Proceedings of IEEE Symposium on Security and Privacy, May 2005.
34. S. Smalley, C. Vance, and W. Salamon. Implementing SELinux as a linux security module. Technical Report 01-043, NAI Labs, 2001.
35. S. W. Smith. Outbound authentication for programmable secure coprocessors. In Proceedings of the European Symposium on Research in Computer Security, Oct. 2002.
36. Sun Microsystems. Trusted Solaris 8 Operating System, http ://www.sun.com/software/solaris/trustedsolaris/, Feb. 2006.
37. R. Watson, W. Morrison, C. Vance, and B. Feldman. The TrustedBSD MAC framework: Extensible kernel access control for FreeBSD 5.0. In Proceedings of the USENIX Annual Technical Conference, June 2003.
38. V Welch, F. Siebenlist, I. Foster, J. Bresnahan, K. Czajkowski, J. Gawor, C. Kesselman, S. Meder, L. Pearlman, and S. Tuecke. Security for grid services. In Proceedings of Symposium on High Performance Distributed Computing, June 2003.
39. C. Wright, C. Cowan, S. Smalley, J. Morris, and G. KroahHartman. Linux Security Modules: General security support for the linux kernel. In Proceedings of the USENIX Security Symposium, 2002.
40. H. Yin and H. Wang. Building an application-aware IPsec policy system. In Proceedings of the USENIX Security Symposium, 2005.