A hardware architecture for implementing protection rings
Communications of the ACM
The Multics virtual memory: concepts and design
Communications of the ACM
Protection in an information processing utility
Communications of the ACM
Time Sharing Computer Systems
An experimental application of cryptography to a remotely accessed data system
ACM '72 Proceedings of the ACM annual conference - Volume 1
SOSP '73 Proceedings of the fourth ACM symposium on Operating system principles
The case for capability based computers (Extended Abstract)
SOSP '73 Proceedings of the fourth ACM symposium on Operating system principles
An implementation of a multiprocessing computer system
SOSP '67 Proceedings of the first ACM symposium on Operating System Principles
COOPERATION OF MUTUALLY SUSPICIOUS SUBSYSTEMS IN A COMPUTER UTILITY
COOPERATION OF MUTUALLY SUSPICIOUS SUBSYSTEMS IN A COMPUTER UTILITY
The multics system: an examination of its structure
The multics system: an examination of its structure
The NTree: a two dimension partial order for protection groups
ACM Transactions on Computer Systems (TOCS)
Integrating security in a large distributed system
ACM Transactions on Computer Systems (TOCS)
A Binary Single-Key-Lock System for Access Control
IEEE Transactions on Computers
Recognizing Immediacy in an N-Tree Hierarchy and its Application to Protection Groups
IEEE Transactions on Software Engineering
Communications of the ACM
CACL: efficient fine-grained protection for objects
OOPSLA '92 conference proceedings on Object-oriented programming systems, languages, and applications
Access control for collaborative environments
CSCW '92 Proceedings of the 1992 ACM conference on Computer-supported cooperative work
Controlling access in multiuser interfaces
ACM Transactions on Computer-Human Interaction (TOCHI)
Flexible meta access-control for collaborative applications
CSCW '98 Proceedings of the 1998 ACM conference on Computer supported cooperative work
A new model of security for distributed systems
NSPW '96 Proceedings of the 1996 workshop on New security paradigms
A transformational grammar-based query processor for access control in a planning system
ACM Transactions on Database Systems (TODS)
Distributed transactions for reliable systems
Proceedings of the tenth ACM symposium on Operating systems principles
Engineering authority and trust in cyberspace: the OM-AM and RBAC way
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Operating System Structures to Support Security and Reliable Software
ACM Computing Surveys (CSUR)
Protection in operating systems
Communications of the ACM
An Integrated Approach to Designing and Evaluating CollaborativeApplications and Infrastructures
Computer Supported Cooperative Work
Secure Internet programming
ACM-SE 18 Proceedings of the 18th annual Southeast regional conference
Proceedings of the 10th international conference on Architectural support for programming languages and operating systems
Java Security: Present and Near Future
IEEE Micro
Authentication for Distributed Web Caches
ESORICS '02 Proceedings of the 7th European Symposium on Research in Computer Security
Detecting Manipulated Remote Call Streams
Proceedings of the 11th USENIX Security Symposium
Easy entry: the password encryption problem
ACM SIGOPS Operating Systems Review
ICSE '78 Proceedings of the 3rd international conference on Software engineering
Possibility theory: As a means for modeling computer security and protection
MVL '78 Proceedings of the eighth international symposium on Multiple-valued logic
On protection in operating systems
SOSP '75 Proceedings of the fifth ACM symposium on Operating systems principles
Engineering a security kernel for Multics
SOSP '75 Proceedings of the fifth ACM symposium on Operating systems principles
Sharing data and services in a virtual machine system
SOSP '75 Proceedings of the fifth ACM symposium on Operating systems principles
An approach to error-resistant software design
ICSE '76 Proceedings of the 2nd international conference on Software engineering
Structured specification of a Security Kernel
Proceedings of the international conference on Reliable software
A verifiable protection system
Proceedings of the international conference on Reliable software
A system architecture for compile-time actions in databases
ACM '77 Proceedings of the 1977 annual conference
Partitions and principles for secure operating systems
ACM '75 Proceedings of the 1975 annual conference
Improving the reliability of commodity operating systems
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Computer Security in the Real World
Computer
XOS: an operating system for the X-tree architecture
ACM SIGOPS Operating Systems Review
Supporting workflow in a course management system
Proceedings of the 36th SIGCSE technical symposium on Computer science education
Improving the reliability of commodity operating systems
ACM Transactions on Computer Systems (TOCS)
Peer-to-peer access control architecture using trusted computing technology
Proceedings of the tenth ACM symposium on Access control models and technologies
Security and usability engineering with particular attention to electronic mail
International Journal of Human-Computer Studies - Special isssue: HCI research in privacy and security is critical now
Mondrix: memory isolation for linux using mondriaan memory protection
Proceedings of the twentieth ACM symposium on Operating systems principles
Managing user relationships in hierarchies for information system security
Decision Support Systems
A group-based authorization model for cooperative systems
ECSCW'97 Proceedings of the fifth conference on European Conference on Computer-Supported Cooperative Work
REX: secure, extensible remote execution
ATEC '04 Proceedings of the annual conference on USENIX Annual Technical Conference
Preventing privilege escalation
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Improving host security with system call policies
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
USITS'97 Proceedings of the USENIX Symposium on Internet Technologies and Systems on USENIX Symposium on Internet Technologies and Systems
A layered approach to simplified access control in virtualized systems
ACM SIGOPS Operating Systems Review
Evil twins: two models for TCB reduction in HPC clusters
ACM SIGOPS Operating Systems Review
VLDB '75 Proceedings of the 1st International Conference on Very Large Data Bases
Data base management systems security and INGRES
VLDB '79 Proceedings of the fifth international conference on Very Large Data Bases - Volume 5
A data outsourcing architecture combining cryptography and access control
Proceedings of the 2007 ACM workshop on Computer security architecture
Using hypervisor to provide data secrecy for user applications on a per-page basis
Proceedings of the fourth ACM SIGPLAN/SIGOPS international conference on Virtual execution environments
Designing secure systems on reconfigurable hardware
ACM Transactions on Design Automation of Electronic Systems (TODAES)
Kwyjibo: automatic domain name generation
Software—Practice & Experience
AFIPS '76 Proceedings of the June 7-10, 1976, national computer conference and exposition
AFIPS '74 Proceedings of the May 6-10, 1974, national computer conference and exposition
Effective and efficient compromise recovery for weakly consistent replication
Proceedings of the 4th ACM European conference on Computer systems
Foundations for group-centric secure information sharing models
Proceedings of the 14th ACM symposium on Access control models and technologies
IBM Systems Journal
Design techniques for a user controlled DB/DC system
IBM Systems Journal
Virtual control storage: security measures in VM/370
IBM Systems Journal
An overview of computer security
IBM Systems Journal
Laissez-faire file sharing: access control designed for individuals at the endpoints
NSPW '09 Proceedings of the 2009 workshop on New security paradigms workshop
Making policy decisions disappear into the user's workflow
CHI '10 Extended Abstracts on Human Factors in Computing Systems
Security Primitives for Reconfigurable Hardware-Based Systems
ACM Transactions on Reconfigurable Technology and Systems (TRETS)
SpyShield: preserving privacy from spy add-ons
RAID'07 Proceedings of the 10th international conference on Recent advances in intrusion detection
Multi-layer audit of access rights
SDM'07 Proceedings of the 4th VLDB conference on Secure data management
Extended discretionary access controls
SP'88 Proceedings of the 1988 IEEE conference on Security and privacy
Preliminary design of the SAFE platform
PLOS '11 Proceedings of the 6th Workshop on Programming Languages and Operating Systems
Group-Centric Secure Information-Sharing Models for Isolated Groups
ACM Transactions on Information and System Security (TISSEC)
Memory management for self-stabilizing operating systems
SSS'05 Proceedings of the 7th international conference on Self-Stabilizing Systems
Features and object capabilities: reconciling two visions of modularity
Proceedings of the 11th annual international conference on Aspect-oriented Software Development
Policy-driven memory protection for reconfigurable hardware
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Privacy-sensitive VM retrospection
HotCloud'11 Proceedings of the 3rd USENIX conference on Hot topics in cloud computing
SP'11 Proceedings of the 19th international conference on Security Protocols
Formalisation and implementation of the XACML access control mechanism
ESSoS'12 Proceedings of the 4th international conference on Engineering Secure Software and Systems
Dr. Android and Mr. Hide: fine-grained permissions in android applications
Proceedings of the second ACM workshop on Security and privacy in smartphones and mobile devices
The need for capability policies
Proceedings of the 15th Workshop on Formal Techniques for Java-like Programs
Hi-index | 48.26 |
The design of mechanisms to control the sharing of information in the Multics system is described. Five design principles help provide insight into the tradeoffs among different possible designs. The key mechanisms described include access control lists, hierarchical control of access specifications, identification and authentication of users, and primary memory protection. The paper ends with a discussion of several known weaknesses in the current protection mechanism design.