Compartmented Mode Workstation: Prototype Highlights
IEEE Transactions on Software Engineering
Role-Based Access Control Models
Computer
EROS: a fast capability system
Proceedings of the seventeenth ACM symposium on Operating systems principles
Configuring role-based access control to enforce mandatory and discretionary access control policies
ACM Transactions on Information and System Security (TISSEC)
The multics system: an examination of its structure
The multics system: an examination of its structure
Labels and event processes in the asbestos operating system
Proceedings of the twentieth ACM symposium on Operating systems principles
Application security support in the operating system kernel
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
The flask security architecture: system support for diverse security policies
SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
A domain and type enforcement UNIX prototype
SSYM'95 Proceedings of the 5th conference on USENIX UNIX Security Symposium - Volume 5
Functional specifications of a subsystem for data base integrity
VLDB '75 Proceedings of the 1st International Conference on Very Large Data Bases
Architecture of virtual machines
AFIPS '73 Proceedings of the June 4-8, 1973, national computer conference and exposition
Security model for resource availability—Subject and object type enforcement
MILCOM'09 Proceedings of the 28th IEEE conference on Military communications
Hi-index | 0.00 |
Multilevel security policies aim at only confidentiality assurance, with less consideration on integrity assurance and weakness in expressing channel control policies. Besides, the trusted subjects it introduces to handle the information flow "downgrade" have many security flaws. Moreover, increasing diversity of the computing environments results in various security requirements. However, current mainstream security models are aiming at only one or few requirements of them each. The Multi-Policy Views Security Model is presented, which is based on the MLS model, combining the domain and role attributes to the model, to enforce the expression power in channel control policies, make permission management more fine-grained and enhance the ability of confining the permission of the trusted subjects. Moreover, MPVSM has integrated the properties and functions of MLS, Domain-Type and Role Based models into one unified model. It is able to enforce multi-policy views in operating system in a flexible way.