A model for verification of data security in operating systems

Popek, Gerald J.; Farber, David A.

doi:10.1145/359588.359597

Cited by 59 publications

(21 citation statements)

References 18 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The top level specification described in figure-3 actually contains data security notion. This data security notion has been discussed by G. Popek and D. Farber [1]. The figure in right shows the consistency proofs between the levels.…”

Section: Project Implementationmentioning

confidence: 94%

“…The verification of UCLA system is based on data security model provided by G. Popek and D. Farber [1]. The data security model can be used to verify many of those properties in an operating system which are necessary to ensure reliable security enforcement.…”

Section: Ucla Projectmentioning

confidence: 99%

“…• In UCLA they first generate the nucleus using the approach described in [1]. This nucleus was very close to modern microkernels [27], although at that time microkernels hadn't been invented [5].…”

Section: Project Implementationmentioning

confidence: 99%

See 2 more Smart Citations

OS Verification- A Survey as a Source of Future Challenges

Anjaria¹,

Mishra²

2015

IJCSES

View full text Add to dashboard Cite

show abstract

Section: Project Implementationmentioning

confidence: 94%

Section: Ucla Projectmentioning

confidence: 99%

See 1 more Smart Citation

OS Verification- A Survey as a Source of Future Challenges

Anjaria¹,

Mishra²

2015

IJCSES

View full text Add to dashboard Cite

show abstract

“…• Security kernel and trusted computing base (TCB): A security kernel [Popek and Farber 1978] refers to a small core of hardware and software components that are responsible for enforcing security policies of a system 1 . A TCB [Lampson et al 1992] generalizes on this concept to include, as part of the trusted components, software processes that may reside outside the kernel; consequently, a TCB can also be used to check end-to-end security properties that extend beyond the kernel boundary.…”

Section: Known Usesmentioning

confidence: 99%

“…Concepts such as the trusted computing base [Lampson et al 1992], security kernel [Popek and Farber 1978], and safety kernel [Rushby 1989] are well known in the fields of security and safety-critical systems. We believe that experienced designers already do this, structuring a system so that the most critical components are kept to small subsets of the system's parts.…”

Section: Introductionmentioning

confidence: 99%

Patterns for building dependable systems with trusted bases

Kang

Jackson

2010

Proceedings of the 17th Conference on Pattern Languages of Programs

View full text Add to dashboard Cite

We propose a set of patterns for structuring a system to be dependable by design. The key idea is to localize the system's most critical requirements into small, reliable parts called trusted bases. We describe two instances of trusted bases: (1) the end-toend check, which localizes the correctness checking of a computation to end points of a system, and (2) the trusted kernel, which ensures the safety of a set of resources with a small core of a system.

show abstract

Security Models

McLean

Schell

Brinkley³

2002

Encyclopedia of Software Engineering

View full text Add to dashboard Cite

The term security model has been used to describe any formal statement of a system's confidentiality, availability, or integrity requirements. In this article we focus on the primary use of security models, which has been to describe general confidentiality requirements. We then give pointers to security model work in other areas. Even if we limit ourselves to models of confidentiality, there are two related, but distinct, senses of the term security model in the computer security literature. In the more limited use of the term, a security model specifies a particular mechanism for enforcing confidentiality, called access control , which was brought over into computer security from the world of documents and safes. In the more general usage of the term, security models are specifications of a system's confidentiality requirements and are not “models” at all in that they specify security requirements without describing any particular mechanism for implementing these requirements. These models specify restrictions on a system's interface (usually its input/output relation) that are sufficient to ensure that any implementation that satisfies these restrictions will enforce confidentiality. We consider access control models and interface models in turn after types are also descussed.

show abstract

A model for verification of data security in operating systems

Cited by 59 publications

References 18 publications

OS Verification- A Survey as a Source of Future Challenges

OS Verification- A Survey as a Source of Future Challenges

Patterns for building dependable systems with trusted bases

Security Models

Contact Info

Product

Resources

About