A Retrospective on the VAX VMM Security Kernel
IEEE Transactions on Software Engineering
Communications of the ACM
A decentralized model for information flow control
Proceedings of the sixteenth ACM symposium on Operating systems principles
EROS: a fast capability system
Proceedings of the seventeenth ACM symposium on Operating systems principles
The use of name spaces in plan 9
EW 5 Proceedings of the 5th workshop on ACM SIGOPS European workshop: Models and paradigms for distributed systems structuring
The KeyKOS Nanokernel Architecture
Proceedings of the Workshop on Micro-kernels and Other Kernel Architectures
TrustedBSD: Adding Trusted Operating System Features to FreeBSD
Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference
A Toolkit for User-Level File Systems
Proceedings of the General Track: 2002 USENIX Annual Technical Conference
Anomaly intrusion detection in dynamic execution environments
Proceedings of the 2002 workshop on New security paradigms
Assuring Distributed Trusted Mach
SP '93 Proceedings of the 1993 IEEE Symposium on Security and Privacy
Scale and performance in the Denali isolation kernel
OSDI '02 Proceedings of the 5th symposium on Operating systems design and implementationCopyright restrictions prevent ACM from being able to make the PDFs for this conference available for downloading
Building secure high-performance web services with OKWS
ATEC '04 Proceedings of the annual conference on USENIX Annual Technical Conference
REX: secure, extensible remote execution
ATEC '04 Proceedings of the annual conference on USENIX Annual Technical Conference
Preventing privilege escalation
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Improving host security with system call policies
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Privtrans: automatically partitioning programs for privilege separation
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
The flask security architecture: system support for diverse security policies
SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
A secure environment for untrusted helper applications confining the Wily Hacker
SSYM'96 Proceedings of the 6th conference on USENIX Security Symposium, Focusing on Applications of Cryptography - Volume 6
Labels and event processes in the asbestos operating system
Proceedings of the twentieth ACM symposium on Operating systems principles
Dynamic trust assessment of software services
2nd international workshop on Service oriented software engineering: in conjunction with the 6th ESEC/FSE joint meeting
Labels and event processes in the Asbestos operating system
ACM Transactions on Computer Systems (TOCS)
Wedge: splitting applications into reduced-privilege compartments
NSDI'08 Proceedings of the 5th USENIX Symposium on Networked Systems Design and Implementation
Reusability of Functionality-Based Application Confinement Policy Abstractions
ICICS '08 Proceedings of the 10th International Conference on Information and Communications Security
Nemesis: preventing authentication & access control vulnerabilities in web applications
SSYM'09 Proceedings of the 18th conference on USENIX security symposium
Proceedings of the 4th Symposium on Computer Human Interaction for the Management of Information Technology
Making Linux protection mechanisms egalitarian with UserFS
USENIX Security'10 Proceedings of the 19th USENIX conference on Security
Making information flow explicit in HiStar
Communications of the ACM
SOSP '11 Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles
An evaluation of the Google Chrome extension security architecture
Security'12 Proceedings of the 21st USENIX conference on Security symposium
Enforcing user-space privilege separation with declarative architectures
Proceedings of the seventh ACM workshop on Scalable trusted computing
Hi-index | 0.02 |
Though system security would benefit if programmers routinely followed the principle of least privilege [24], the interfaces exposed by operating systems often stand in the way. We investigate why modern OSes thwart secure programming practices and propose solutions.