Implementing Execution Controls in Unix

  • Authors:
  • Todd Gamble

  • Affiliations:
  • WilTel Network Services

  • Venue:
  • LISA '93 Proceedings of the 7th USENIX conference on System administration
  • Year:
  • 1993

Abstract

Current implementations of UNIX offer security features in the form of discretionary access controls (DACs). DACs are implemented with file access permissions and access control lists (ACLs). Unfortunately, neither of these facilities provides for access control to active processes. In order to provide many users access to a process (and its associated data), the current practice at our site is to establish a group account, where members on a project team share the login and password for an application. This practice is both insecure and a violation of our site's security policies. This paper describes the implementation of a new tool, medex, which eliminates the need for group login accounts. Medex mediates the access of users to privileged accounts and executables. The history behind our use of group accounts and a complete methodology for UNIX application management are presented. Details of the implementation of medex, including its interaction with the existing security features of UNIX, are given. The tool utilizes execution control lists (ECLs) as a means to allow controlled execution of programs under accounts other than the current login. Medex also re-authenticates the user's password upon each instantiation and maintains an audit trail via log files or the use of the UNIX syslog facility. A complete project management example utilizing medex is given along with a comparison to related tools.