Building systems that flexibly control downloaded executable content

6th USENIX Security Symposium 1996

Volumn , Issue , 1996, Pages

  Jaeger, Trent ^a   Rubin, Aviel D ^b   Prakashy, Atul ^a  

^a University of Michigan   (United States)

^b TELCORDIA TECHNOLOGIES   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

INFORMATION SERVICES; NETWORK ARCHITECTURE;

COLLABORATIVE APPLICATION; COLLABORATIVE SYSTEMS; EMERGING APPLICATIONS; INSECURE NETWORKS; KEY TECHNOLOGIES; SECURITY PROBLEMS; UNAUTHORIZED ACCESS; WEB INFORMATION SERVICES;

APPLICATION PROGRAMS;

EID: 85084161058     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (36)

1. L. Badger, D. F. Sterne, D. L. Sherman, K. M. Walker, and S. A. Haghighat. Practical domain and type enforcement for UNIX. In IEEE Symposium on Security and Privacy, pages 66-77, 1995.
2. M. Blaze, J. Feigenbaum, and J. Lacy. Decentralized trust management. In Proceedings of the IEEE Symposium on Security and Privacy, 1996.
3. N. S. Borenstein. Email with a mind of its own: The Safe-Tcl language for enabled mail. In UL-PAA '94, 1994. Available via anonymous ftp from ics.uci.edu in the file mrose/safe-tcl/safe-tcl.tar.Z.
4. E. Born and H. Stiegler. Discretionary access control by means of usage conditions. Computers & Security, 13(5):437-450, 1994.
5. D. Dean, E. Felten, and D. Wallach. Java security: From HotaJava to Netscape and beyond. In Proceedings of the IEEE Symposium on Security and Privacy, 1996.
6. R. Clauer et al. A prototype upper atmospheric collaboratory (UARC). AGU Monograph: Visualization Techniques in Space and Atmospheric Sciences. In press.
7. S. Foley and J. Jacob. Specifying security for CSCW systems. In Proceedings of the 8th IEEE Computer Security Foundations Workshop, pages 136-145, 1995.
8. A. O. Freier, P. Karlton, and P. C. Kocher. The ssl protocol version 3.0. Internet Draft, March, 1996.
9. M. Gasser and E. McDermott. An architecture for practical delegation in a distributed system. In IEEE Symposium on Security and Privacy, pages 20-30, 1990.
10. J. Gosling and H. McGilton. The Java language environment: A white paper, 1995. Available at URL http://java.sun.com/whitePaper/java-whitepaper-1.html.
11. R. Hall, A. Mathur, F. Jahanian, A. Prakash, and C. Rasmussen. Corona: A communication service for scalable, reliable group collaboration systems. In Proceedings of the Sixth ACM Conference on Computer-Supported Cooperative Work, November 1996. To appear.
12. T. Jaeger and A. Prakash. Support for the file system security requirements of computational e-mail systems. In Proceedings of the 2nd ACM Conference on Computer and Communications Security, pages 1-9, 1994.
13. T. Jaeger and A. Prakash. Implementation of a discretionary access control model for script-based systems. In Proceedings of the 8th IEEE Computer Security Foundations Workshop, pages 70-84, 1995.
14. J. T. Kohl and B. C. Neuman. The Kerberos network authentication service. Internet RFC 1510, September, 1993.
15. J. Lee, A. Prakash, and T. Jaeger. A software architecture to support open distributed collabroatories. In Proceedings of the Sixth ACM Conference on Computer-Supported Cooperative Work, November 1996. To appear.
16. J. Levy and J. Ousterhout. Safe Tcl: A toolbox for constructing electronic meeting places. In The First USENIX Workshop on Electronic Commerce, 1995. To appear.
17. I. Mohammed and D. M. Dilts. Design for dynamic user-role-based security. Computers & Security, 13(8):661-671, 1994.
18. National Institute of Standards and Technology, U.S. Department of Commerce. NIST FIPS PUB 186, Secure Hash Standard, May 1993.
19. National Institute of Standards and Technology, U.S. Department of Commerce. NIST FIPS PUB 186, Digital Signature Standard, May 1994.
20. B. C. Neuman. Proxy-based authorization and accounting for distributed systems. In International Conference on Distributed Computing Systems, pages 283-291, 1993.
21. Open Software Foundation. Introduction to OSF DCE, revision 1.0 edition, December 1992.
22. A. Prakash and H. Shim. Distview: Support for building efficient collabroative applications using replicated objects. In Proceedings of the Fifth ACM Conference on Computer-Supported Cooperative Work, October 1994.
23. M. Reiter. A secure group membership protocol. IEEE Transactions on Software Engineering, 22(1):31-42, January 1996.
24. D. M. Ritchie and K. Thompson. The UNIX timesharing system. Communications of the ACM, 17(7):365-375, July 1974.
25. R. Rivest, A. Shamir, and L. Adleman. On digital signatures and public-key cryptosystems. Communications of the ACM, 21(2):120-126, February 1978.
26. A. D. Rubin. Trusted distribution of software over the internet. In Proceedings of the Internet Society Symposium on Network and Distributed System Security, 1995.
27. M. Satyanarayanan. Integrating security in a large distributed system. ACM Transactions on Computer Systems, 7(3):247-280, August 1989.
28. B. Schneier. Applied Cryptography. Wiley & Sons, 1994.
29. J. G. Steiner, B. C. Neuman, and J. J. Schiller. Kerberos: An authentication service for open network systems. In Proceedings of the Usenix Conference, pages 191-202, 1988.
30. D. F. Sterne, T.V. Benzel, L. Badger, K. M. Walker, K. A. Oostendorp, D. L. Sherman, and M. J. Petkac. Browsing the web safely with Domain and Type Enforcement. In IEEE Symposium on Security and Privacy, 1996. Abstract for a 5-minute presentation.
31. Computer Emergency Response Team. Java implementations can allow connections to an arbitrary host. CERT Advisory CA:96:05, 1996. Available at URL ftp://info.cert.org/pub/cert-advisories/CA-96.05.java-applet-security-mgr.
32. Trusted Information Systems, Inc. Trusted Mach System Architecture, TIS TMACH Edoc-0001-94A edition, August 1994.
33. S. T. Vinter. Extended discretionary access controls. In IEEE Symposium on Security and Privacy, pages 39-49, 1988.
34. J. E. White. Telescript technology: The foundation for the electronic marketplace. General Magic White Paper.
35. E. Wobber, M. Abadi, M. Burrows, and B. Lampson. Authentication in the Taos operating system. ACM Transactions on Computer Systems, 12(1):3-32, February 1994.
36. W. Wulf, E. Cohen, W. Corwin, A. Jones, R. Levin, C. Pierson, and F. Pollack. HYDRA: The kernel of a multiprocessor operating system. Communications of the ACM, 17(6):337-345, June 1974.