Verified protection model of the seL4 microkernel

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 5295 LNCS, Issue , 2008, Pages 99-114

  Elkaduwe, Dhammika ^a   Klein, Gerwin ^a   Elphinstone, Kevin ^a  

^a UNIVERSITY OF NEW SOUTH WALES   (Australia)

Author keywords

[No Author keywords available]

Indexed keywords

ACCESS CONTROL;

ABSTRACT SPECIFICATIONS; EMBEDDED DEVICE; FORMAL PROOFS; INTERACTIVE THEOREM PROVER; ISABELLE; PROTECTION MODELS; SECURITY ANALYSIS; SEL4 MICROKERNEL;

SPECIFICATIONS;

EID: 70350504088     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/978-3-540-87873-5_11     Document Type: Conference Paper

References (20)

1. Bishop, M.: Conspiracy and information flow in the take-grant protection model. Journal of Computer Security 4(4), 331-360 (1996)
2. Bishop, M., Snyder, L.: The transfer of information and authority in a protection system. In: 7th SOSP, pp. 45-54. ACM Press, New York (1979)
3. Cock, D., Klein, G., Sewell, T.: Secure microkernels, state monads and scalable refinement. In: Munoz, C., Ait, O. (eds.) TPHOLs 2008. LNCS 5170 (to appear, 2008)
4. Dennis, J.B., Van Horn, E.C.: Programming semantics for multiprogrammed computations. CACM 9, 143-155 (1966)
5. Derrin, P., Elphinstone, K., Klein, G., Cock, D., Chakravarty, M.M.T.: Running the manual: An approach to high-assurance microkernel development. In: ACM SIGPLAN Haskell WS, Portland, OR, USA (September 2006)
6. Elkaduwe, D., Derrin, P., Elphinstone, K.: A memory allocation model for an embedded microkernel. In: Proc. 1st MicroKernels for Embedded Systems, Sydney, Australia, pp. 28-34. NICTA (January 2007)
7. Elphinstone, K., Klein, G., Derrin, P., Roscoe, T., Heiser, G.: Towards a practical, verified kernel. In: 11th HotOS, San Diego, CA, USA (May 2007)
8. Elphinstone, K., Klein, G., Kolanski, R.: Formalising a high-performance microkernel. In: Leino, R. (ed.) Workshop on Verified Software: Theories, Tools, and Experiments (VSTTE 2006), Microsoft Research Technical Report MSR-TR-2006-117, pp. 1-7, Seattle, USA (August 2006)
9. Hardy, N.: KeyKOS architecture. Operat. Syst. Rev. 19(4), 8-25 (1985)
10. Harrison, M.A., Ruzzo, W.L., Ullman, J.D.: Protection in operating systems. In: CACM, pp. 561-471 (1976)
11. Leslie, B., van Schaik, C., Heiser, G.: Wombat: A portable user-mode Linux for embedded systems. In: 6th Linux.Conf.Au, Canberra (April 2005)
12. Liedtke, J.: On μ-kernel construction. In: 15th SOSP, Copper Mountain, CO, USA, pp. 237-250 (December 1995)
13. Lipton, R.J., Snyder, L.: A linear time algorithm for deciding subject security. J. ACM 24(3), 455-464 (1977)
14. National ICT Australia. seL4 Reference Manual (2006), http://www.ertos.nicta.com.au/research/sel4/sel4-refman.pdf
15. Nipkow, T., Paulson, L., Wenzel, M.: Isabelle/HOL. LNCS, vol. 2283. Springer, Heidelberg (2002)
16. Nuutila, E.: Efficient transitive closure computation in large digraphs. PhD thesis, Helsinki University of Technology (June 1995)
17. Rushby, J.: Noninterference, transitivity, and channel-control security policies. Technical report (December 1992), http://www.csl.sri.com/papers/csl- 92-2/
18. Shapiro, J.S.: The practical application of a decidable access model. Technical Report SRL-2003-04, SRL, Baltimore, MD 21218 (November 2003)
19. Shapiro, J.S., Smith, J.M., Farber, D.J.: EROS: A fast capability system. In: 17th SOSP, Charleston, SC, USA, pp. 170-185 (December 1999)
20. Snyder, L.: Theft and conspiracy in the Take-Grant protection model. Journal of Computer and System Sciences 23(3), 333-347 (1981)