Making information flow explicit in HiStar

Authors:
Nickolai Zeldovich;Silas Boyd-Wickizer;Eddie Kohler;David Mazières
Affiliations:
Massachusetts Institute of Technology, CSAIL, Cambridge, MA;Massachusetts Institute of Technology, CSAIL, Cambridge, MA;University of California, Los Angeles, CA;Stanford University, Stanford, CA
Venue:
Communications of the ACM
Year:
2011

Citing 15
Cited 3

Multilevel security in the UNIX tradition

Software—Practice & Experience
EROS: a fast capability system

Proceedings of the seventeenth ACM symposium on Operating systems principles
Formal Models for Computer Security

ACM Computing Surveys (CSUR)
Protecting privacy using the decentralized label model

ACM Transactions on Software Engineering and Methodology (TOSEM)
The KeyKOS Nanokernel Architecture

Proceedings of the Workshop on Micro-kernels and Other Kernel Architectures
Integrating Flexible Support for Security Policies into the Linux Operating System

Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference
A hardware architecture for implementing protection rings

SOSP '71 Proceedings of the third ACM symposium on Operating systems principles
LOMAC: Low Water-Mark Integrity Protection for COTS Environments

SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Labels and event processes in the asbestos operating system

Proceedings of the twentieth ACM symposium on Operating systems principles
Make least privilege a right (not a privilege)

HOTOS'05 Proceedings of the 10th conference on Hot Topics in Operating Systems - Volume 10
Information flow control for standard OS abstractions

Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles
Making information flow explicit in HiStar

OSDI '06 Proceedings of the 7th symposium on Operating systems design and implementation
The spring nucleus: a microkernel for objects

Usenix-stc'93 Proceedings of the USENIX Summer 1993 Technical Conference on Summer technical conference - Volume 1
Securing distributed systems with information flow control

NSDI'08 Proceedings of the 5th USENIX Symposium on Networked Systems Design and Implementation
Hardware enforcement of application security policies using tagged memory

OSDI'08 Proceedings of the 8th USENIX conference on Operating systems design and implementation

Proceedings of the Twenty-Fourth ACM Symposium on Operating Systems Principles

ACM SIGOPS 24th Symposium on Operating Systems Principles
From L3 to seL4 what have we learnt in 20 years of L4 microkernels?

Proceedings of the Twenty-Fourth ACM Symposium on Operating Systems Principles
Comprehensive formal verification of an OS microkernel

ACM Transactions on Computer Systems (TOCS)

Quantified Score

Hi-index	48.22

Visualization

Abstract

HiStar is a new operating system designed to minimize the amount of code that must be trusted. HiStar provides strict information flow control, which allows users to specify precise data security policies without unduly limiting the structure of applications. HiStar's security features make it possible to implement a Unix-like environment with acceptable performance almost entirely in an untrusted user-level library. The system has no notion of superuser and no fully trusted code other than the kernel. HiStar's features permit several novel applications, including privacy-preserving, untrusted virus scanners and a dynamic Web server with only a few thousand lines of trusted code.