Developing and using a “policy neutral” access control policy
NSPW '96 Proceedings of the 1996 workshop on New security paradigms
Flexible support for multiple access control policies
ACM Transactions on Database Systems (TODS)
Remus: a security-enhanced operating system
ACM Transactions on Information and System Security (TISSEC)
Integrating Flexible Support for Security Policies into the Linux Operating System
Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference
Make least privilege a right (not a privilege)
HOTOS'05 Proceedings of the 10th conference on Hot Topics in Operating Systems - Volume 10
The flask security architecture: system support for diverse security policies
SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
A comparison of methods for implementing adaptive security policies
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
A domain and type enforcement UNIX prototype
SSYM'95 Proceedings of the 5th conference on USENIX UNIX Security Symposium - Volume 5
| Hi-index | 0.00 |
The Distributed Trusted Mach (D TMach) programis developing a design for a high-assurance, secure,distributed system based on Mach. To achieve thisgoal, it is first necessary to identify the general threatsagainst which DTMach must protect. The next stepis to identify control mechanisms that are sufficientto protect against each of the threats. The DTMachdesign makes extensive use of type enforcement in addressing the threats. This paper describes the generalthreats and the countermeasures provided by DTMach.Doing so provides more evidence of the usefulness oftype enforcement in general and the high assuranceprovided by the DTMach type enforcement policy.