Authentication in distributed systems: theory and practice
ACM Transactions on Computer Systems (TOCS)
Computational mail as network infrastructure for computer-supported cooperative work
CSCW '92 Proceedings of the 1992 ACM conference on Computer-supported cooperative work
Active mail—a framework for implementing groupware
CSCW '92 Proceedings of the 1992 ACM conference on Computer-supported cooperative work
Authentication in the Taos operating system
ACM Transactions on Computer Systems (TOCS) - Special issue on operating systems principles
Tcl and the Tk toolkit
Support for the file system security requirements of computational E-mail systems
CCS '94 Proceedings of the 2nd ACM Conference on Computer and communications security
SOSP '95 Proceedings of the fifteenth ACM symposium on Operating systems principles
Role-Based Access Control Models
Computer
Supporting multi-user, multi-applet workspaces in CBE
CSCW '96 Proceedings of the 1996 ACM conference on Computer supported cooperative work
A protection scheme for mobile agents on Java
MobiCom '97 Proceedings of the 3rd annual ACM/IEEE international conference on Mobile computing and networking
A role-based access control model for protection domain derivation and management
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
Reconciling role based management and role based access control
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
Role templates for content-based access control
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
The specification and enforcement of authorization constraints in workflow management systems
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
The ARBAC97 model for role-based administration of roles
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
Programming semantics for multiprogrammed computations
Communications of the ACM
The Java Language Specification
The Java Language Specification
Java Security: Present and Near Future
IEEE Micro
A Flexible Security System for Using Internet Content
IEEE Software
EMail With A Mind of Its Own: The Safe-Tcl Language for Enabled Mail
Proceedings of the IFIP TC6/WG6.5 International Conference on Upper Layer Protocols, Architectures and Applications
Authorization in CORBA Security
ESORICS '98 Proceedings of the 5th European Symposium on Research in Computer Security
MMH: Software Message Authentication in the Gbit/Second Rates
FSE '97 Proceedings of the 4th International Workshop on Fast Software Encryption
Architektur von Rechensystemen, 12. GI/ITG-Fachtagung
Role-Based Access Control Framework for Network Enterprises
ACSAC '98 Proceedings of the 14th Annual Computer Security Applications Conference
Specifying security for CSCW systems
CSFW '95 Proceedings of the 8th IEEE workshop on Computer Security Foundations
Implementation of a discretionary access control model for script-based systems
CSFW '95 Proceedings of the 8th IEEE workshop on Computer Security Foundations
Flexible Access Control using IPC Redirection
HOTOS '99 Proceedings of the The Seventh Workshop on Hot Topics in Operating Systems
Java Security: From HotJava to Netscape and Beyond
SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
Safe Tcl: a toolbox for constructing electronic meeting places
WOEC'95 Proceedings of the 1st conference on USENIX Workshop on Electronic Commerce - Volume 1
The CRISIS wide area security architecture
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Unified support for heterogeneous security policies in distributed systems
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Operating system protection for fine-grained programs
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Building systems that flexibly control downloaded executable context
SSYM'96 Proceedings of the 6th conference on USENIX Security Symposium, Focusing on Applications of Cryptography - Volume 6
Providing policy control over object operations in a mach based system
SSYM'95 Proceedings of the 5th conference on USENIX UNIX Security Symposium - Volume 5
Implementing multiple protection domains in java
ATEC '98 Proceedings of the annual conference on USENIX Annual Technical Conference
ATEC '98 Proceedings of the annual conference on USENIX Annual Technical Conference
Enclaves: enabling secure collaboration over the Internet
IEEE Journal on Selected Areas in Communications
On the increasing importance of constraints
RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
TRBAC: a temporal role-based access control model
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Managing access control complexity using metrices
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Reflective authorization systems: possibilities, benefits, and drawbacks
Secure Internet programming
Access control in configurable systems
Secure Internet programming
Practical safety in flexible access control models
ACM Transactions on Information and System Security (TISSEC)
TRBAC: A temporal role-based access control model
ACM Transactions on Information and System Security (TISSEC)
An approach to engineer and enforce context constraints in an RBAC environment
Proceedings of the eighth ACM symposium on Access control models and technologies
An integrated approach to engineer and enforce context constraints in RBAC environments
ACM Transactions on Information and System Security (TISSEC)
Labels and event processes in the asbestos operating system
Proceedings of the twentieth ACM symposium on Operating systems principles
Labels and event processes in the Asbestos operating system
ACM Transactions on Computer Systems (TOCS)
AnZenMail: a secure and certified e-mail system
ISSS'02 Proceedings of the 2002 Mext-NSF-JSPS international conference on Software security: theories and systems
A framework integrating attribute-based policies into role-based access control
Proceedings of the 17th ACM symposium on Access Control Models and Technologies
| Hi-index | 0.00 |
We present a security architecture that enables system and application a ccess control requirements to be enforced on applications composed from downloaded executable content. Downloaded executable content consists of messages downloaded from remote hosts that contain executables that run, upon receipt, on the downloading principal's machine. Unless restricted, this content can perform malicious actions, including accessing its downloading principal's private data and sending messages on this principal's behalf. Current security architectures for controlling downloaded executable content (e.g., JDK 1.2) enable specification of access control requirements for content based on its provider and identity. Since these access control requirements must cover every legal use of the class, they may include rights that are not necessary for a particular application of content. Therefore, using these systems, an application composed from downloaded executable content cannot enforce its access control requirements without the addition of application-specific security mechanisms. In this paper, we define an access control model with the following properties: (1) system administrators can define system access control requirements on applications and (2) application developers can use the same model to enforce application access control requirements without the need for ad hoc security mechanisms. This access control model uses features of role-based access control models to enable (1) specification of a single role that applies to multiple application instances; (2) selection of a content's access rights based on the content's application and role in the application; (3) consistency maintained between application state and content access rights; and (4) control of role administration. We detail a system architecture that uses this access control model to implement secure collaborative applications. Lastly, we describe an implementation of this architecture, called the Lava security architecture.