A domain and type enforcement UNIX∗ prototype

5th USENIX Security Symposium

Volumn , Issue , 1995, Pages

  Badger, Lee ^a   Sterne, Daniel F ^a   Sherman, David L ^a   Walker, Kenneth M ^a   Haghighat, Sheila A ^a  

^a Trusted Information Systems Inc   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

ACCESS CONTROL; EXPERT SYSTEMS;

ACCESS CONTROL TECHNOLOGIES; CONTROL DOMAINS; DESIGN AND IMPLEMENTATIONS; DOMAIN AND TYPE ENFORCEMENT; INFORMATION RESOURCE; PROTOTYPE SYSTEM; SECURITY POLICY; SYSTEM ADMINISTRATORS;

UNIX;

EID: 85084162952     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (27)

1. L. Badger, D. F. Sterne, D. L. Sherman, K. M. Walker, S. A. Haghighat, "Practical Domain and Type Enforcement for UNIX," 1995 IEEE Symposium on Security and Privacy, Oakland CA, May 1995.
2. L. Badger, "A Model for Specifying Multi-Granularity Integrity Policies," 1989 IEEE Symposium on Security and Privacy, p. 269, Oakland, CA, May 1989.
3. R.W. Baldwin, "Naming and Grouping Privileges to Simplify Security Management in Large Databases," Proceedings of the 1990 IEEE Symposium on Security and Privacy, p. 116, Oakland, CA, May 1990.
4. D.E. Bell and L. Lapadula, "Secure Computer System: Unified Exposition and Multics Interpretation," (Technical Report No. ESD-TR-75-306, Electronics Systems Division, AFSC, Hanscom AF Base, Bedford MA, 1976).
5. K.P. Birman, T. Joseph, K. Kane, F. Schmuck, "The ISIS Programming Manual and User's Guide," Department of Computer Science, Cornell University, June 1988.
6. K.J. Biba, "Integrity Considerations for Secure Computer Systems," USAF Electronic Systems Division, Bedford, MA, ESD-TR-76-372, 1977.
7. M. Branstad, H. Tajalli, F. Mayer, D. Dalva, "Access Mediation in a Message Passing Kernel," 1989 IEEE Symposium on Security and Privacy, p. 66, Oakland, CA, May 1989.
8. D.D. Clark and D.R. Wilson, "A Comparison of Commercial and Military Computer Security Policies," Proceedings of the 1987 IEEE Symposium on Security and Privacy, Oakland, CA, p. 184, 1987.
9. W.E. Boebert and R.Y. Kain, "A Practical Alternative to Hierarchical Integrity Policies," Proceedings of the 8th National Computer Security Conference, Gaithersburg, MD, p. 18, 1985.
10. J. Ioannidis, M. Blaze, "The Architecture and Implementation of Network-Layer Security Under Unix," Presented at the USENIX Summer 1994 Technical Conference, Boston MA.
11. NBS, "Data Encryption Standard," Jan. 1977. Federal Information Processing Standards Publication 46.
12. D. Farmer, "The COPS Security Checker System," Proceedings of the Summer 1990 USENIX Conference, Anaheim, CA, p. 165.
13. G. Fernandez, L. Allen, "Extending the UNIX Protection Model with Access Control Lists," Proceedings of the Summer 1988 USENIX Conference, San Francisco, CA, 1988, p. 119.
14. T. Fine and S. E. Minear, "Assuring Distributed Trusted Mach," 1993 IEEE Computer Society Symposium on Research in Security and Privacy, Oakland, CA, p. 206, 1993.
15. J. Kohl and C. Neuman, "The Kerberos Network Authentication Service (V5)," RFC 1510, September 1993.
16. D. Klein, "A Capability Based Protection Mechanism Under Unix," Proceedings of the 1985 Winter USENIX Conference, Dallas, Texas, p. 152.
17. C.E. Landwehr, C.L. Heitmeyer, and J. McLean, "A Security Model for Military Message Systems," ACM Transactions on Computer Systems, Vol. 2, No. 3, August 1984, pp. 198-222.
18. S.B. Lipner, "Non-Discretionary Controls for Commercial Applications," Proceedings of the 1982 IEEE Symposium on Security and Privacy, Oakland, CA, p. 2, 1982.
19. M. K. McKusick, "The Virtual Filesystem Interface in 4.4BSD," USENIX Computing Systems, Vol 8, Winter 1995, p. 3.
20. National Computer Security Center, "Department of Defense Trusted Computer System Evaluation Criteria," DoD 5200.28-STD, Dec. 1985.
21. R. O'Brien and C. Rogers. Developing Applications on LOCK. In Proc. 14th National Computer Security Conference, pages 147-156, Washington, DC, October 1991.
22. L.L. Peterson, N.C. Buchholz, R.D. Schlichting, "Preserving and Using Context Information in Interprocess Communication," ACM Transactions on Computer Systems, 7(3):217-246, Aug. 1989.
23. Secure Computing Corporation, Sidewinder Press Release, October 10, 1994.
24. D. Sterne, "A TCB Subset for Integrity and Role-Based Access Control," Proc. 15th National Computer Security Conference, pages 680-696, Baltimore, MD, 1992.
25. O.S. Saydjari, J.M. Beckman, and J.R. Leaman, "LOCK Trek: Navigating Uncharted Space," Proceedings of the 1989 IEEE Symposium on Security and Privacy, Oakland, CA, p. 167, 1989.
26. D. J. Thomsen, "Role-based Application Design and Enforcement," In Proc. of the Fourth IFIP Workshop on Database Security, Halifax, England, September 1990.
27. S. Wiseman, "A Secure Capability Computer System," Proceedings of the 1986 IEEE Symposium on Security and Privacy, Oakland, CA, p. 86, 1986.