Persistent protected modules and persistent processes as the basis for a more secure operating system

Keedy, James Leslie; Vosseberg, Karin

doi:10.1109/hicss.1992.183229

Cited by 15 publications

(7 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This can be achieved as: Given these definitions, the following code will take an unrestricted capability for the 'top secret'-level directory and create a capability suitable for use by lower-level principals: The beauty of this solution, in contrast to previous capability-based implementations of the Bell-LaPadula model such as [20], is that the text and directory objects themselves contain no special code for enforcing the access constraints. Indeed they could equally well be used in a system with quite a different security policy.…”

Section: Interface Lowerlevelview { Void Addfile(string Name Capabilmentioning

confidence: 99%

Supporting parameterised roles with object-based access control

Evered

2003

36th Annual Hawaii International Conference on System Sciences, 2003. Proceedings of The

View full text Add to dashboard Cite

The per-method access control lists of standard internet technologies allow only simple forms of access control to be expressed and enforced. They also fail to enforce a strict need-to-know view of persistent data. Real applications require more flexible security constraints including parameter restrictions, logging of accesses and state-dependent access constraints. In particular, the concept of parameterised roles, central to a fine-grained specification of access rules and compliance with privacy laws, should be supported in a natural way. In this paper we demonstrate how an object-based approach using the mechanism of bracket capabilities can be used to enforce various kinds of access constraints including discretionary, mandatory and parameterised role-based access control. We give examples from a health information system incorporating secure patient access and secure access by appropriate medical and administrative personnel.

show abstract

Section: Interface Lowerlevelview { Void Addfile(string Name Capabilmentioning

confidence: 99%

Supporting parameterised roles with object-based access control

Evered

2003

36th Annual Hawaii International Conference on System Sciences, 2003. Proceedings of The

View full text Add to dashboard Cite

show abstract

“…One of the most important considerations in the design of an operating system is the model of interaction between these entities. Grasshopper uses the object-thread model, in which communication is achieved via a mechanism similar to procedure calls, in which threads (loci) move between entities [15]. Thus, a locus may invoke a container, thereby changing its host container, and may later return to its original container.…”

Section: Containersmentioning

confidence: 99%

Operating system support for persistent and recoverable computations

et al. 1996

View full text Add to dashboard Cite

O PERATING systems manage a computer's resources, maintain its permanent data, and provide an efficient environment for the execution of user programs. Users expect an operating system to provide a certain level of resilience to failure and facilities for recovering from failure with minimal interruption of computations and minimal loss of data.In conventional operating systems, these tasks are centered around the file system as the repository of permanent data and virtual memory as the execution environment. Persistent systems offer an alternative view in which the lifetime of data is separated from the access mechanism. In a persistent system, all data, regardless of its lifetime, is created and manipulated in a uniform manner.When persistence is included as the basic abstraction of an operating system, many of the inadequacies of existing operating systems are eliminated and the tasks of an application J o h n R o s e n b e r g , A l a n D e a r l e , D a v i d H u l s e , A n d e r s L i n d s t r ö m , a n d S t e p h e n N o r r i s OPERATING SYSTEM SUPPORT FOR PERSISTANTand RECOVERABLE COMPUTATIONS Guaranteeing data recovery and consistency, the authors' experimental Grasshopper persistent operating system simplifies application development and encourages construction of integrated systems.

show abstract

“…The parameters of the method (here method m of object x) are evaluated in the creating thread and are made available as values, references 6 and/or capabilities to the new thread. If the method is defined to return a result, this is discarded, i.e.…”

Section: Creating Threadsmentioning

confidence: 99%