Application security support in the operating system kernel
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
Mining Security-Sensitive Operations in Legacy Code Using Concept Analysis
ICSE '07 Proceedings of the 29th international conference on Software Engineering
Design of the EROS trusted window system
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Plan 9 authentication in Linux
ACM SIGOPS Operating Systems Review - Research and developments in the Linux kernel
Towards application security on untrusted operating systems
HOTSEC'08 Proceedings of the 3rd conference on Hot topics in security
NetAuth: supporting user-based network services
SS'08 Proceedings of the 17th conference on Security symposium
A compositional multiple policies operating system security model
WISA'07 Proceedings of the 8th international conference on Information security applications
An SSH-based toolkit for user-based network services
LISA'09 Proceedings of the 23rd conference on Large installation system administration
User interface models for the cloud
UIST '10 Adjunct proceedings of the 23nd annual ACM symposium on User interface software and technology
Hi-index | 0.00 |
The primary goal of the MITRE compartmented mode workstation (CMW) project was to articulate the security requirements that workstations must meet to process highly classified intelligence data. As a basis for the validity of the requirements developed, aprototype was implemented which demonstrated that workstations could meet the requirements in an operationally useful manner while still remaining binary compatible with off-the-shelf software. The security requirements not only addressed traditional security concerns but also introduced concepts in areas such as labeling and the use of a trusted window management system. The CMW labeling paradigm is based on associating two types of security labels with objects: sensitivity levels and information labels. Sensitivity levels describe the levels at which objects must be protected. Information labels are used to prevent data overclassification and also provide a mechanism for associating with data those markings that are required for accurate data labeling, but which play no role in access control decisions. The use of a trusted window manager allows users to easily operate at multiple sensitivity levels and provides a convenient mechanism for communicating security information to users in a relatively unobtrusive manner.