Hot or not: revealing hidden services by their clock skew
Proceedings of the 13th ACM conference on Computer and communications security
Analysis of three multilevel security architectures
Proceedings of the 2007 ACM workshop on Computer security architecture
Implementing middleware for content filtering and information flow control
Proceedings of the 2007 ACM workshop on Computer security architecture
A security architecture for transient trust
Proceedings of the 2nd ACM workshop on Computer security architectures
Trust '09 Proceedings of the 2nd International Conference on Trusted Computing
Clarifying integrity control at the trusted information environment
MMM-ACNS'10 Proceedings of the 5th international conference on Mathematical methods, models and architectures for computer network security
An approach to model checking Ada programs
Ada-Europe'12 Proceedings of the 17th Ada-Europe international conference on Reliable Software Technologies
Past efforts at designing and implementing ultra-high-assurance systems for government security and safety have centered on the concept of a monolithic security kernel responsible for a system-wide security policy. This approach leads to inflexible, overly complex operating systems that are too large to evaluate at the highest assurance levels (e.g., Common Criteria EAL 5 and above). We describe a new multi-layered approach to the design and verification of embedded trustworthy systems that is currently being used in the implementation of real-time embedded applications. The framework supports multiple levels of safety and multiple levels of security, based on the principle of creating separate layers of responsibility and control, with each layer responsible for enforcing its own security policy.