Designing a global name service
PODC '86 Proceedings of the fifth annual ACM symposium on Principles of distributed computing
Authentication in distributed systems: theory and practice
ACM Transactions on Computer Systems (TOCS)
A calculus for access control in distributed systems
ACM Transactions on Programming Languages and Systems (TOPLAS)
Authentication in the Taos operating system
ACM Transactions on Computer Systems (TOCS) - Special issue on operating systems principles
SAFKASI: a security mechanism for language-based systems
ACM Transactions on Software Engineering and Methodology (TOSEM)
Programming Windows Security
Essential .NET: The Common Language Runtime
Essential .NET: The Common Language Runtime
Improving the granularity of access control for Windows 2000
ACM Transactions on Information and System Security (TISSEC)
ACM SIGOPS Operating Systems Review
Computer
Decentralized user authentication in a global file system
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Distributed Proving in Access-Control Systems
SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
BIND: A Fine-Grained Attestation Service for Secure Distributed Systems
SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
Nexus: a new operating system for trustworthy computing
Proceedings of the twentieth ACM symposium on Operating systems principles
Deconstructing process isolation
Proceedings of the 2006 workshop on Memory system performance and correctness
Language support for fast and reliable message-based communication in singularity OS
Proceedings of the 1st ACM SIGOPS/EuroSys European Conference on Computer Systems 2006
Access control in a world of software diversity
HOTOS'05 Proceedings of the 10th conference on Hot Topics in Operating Systems - Volume 10
Sealing OS processes to improve dependability and safety
Proceedings of the 2nd ACM SIGOPS/EuroSys European Conference on Computer Systems 2007
Singularity: rethinking the software stack
ACM SIGOPS Operating Systems Review - Systems work at Microsoft Research
Sealing OS processes to improve dependability and safety
Proceedings of the 2nd ACM SIGOPS/EuroSys European Conference on Computer Systems 2007
Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles
Access control based on code identity for open distributed systems
TGC'07 Proceedings of the 3rd conference on Trustworthy global computing
Convergence of desktop and web applications on a multi-service OS
HotSec'09 Proceedings of the 4th USENIX conference on Hot topics in security
Identifying native applications with high assurance
Proceedings of the second ACM conference on Data and Application Security and Privacy
Content-based isolation: rethinking isolation policy design on client systems
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Hi-index | 0.00 |
We describe a new design for authorization in operating systems in which applications are first-class entities. In this design, principals reflect application identities. Access control lists are patterns that recognize principals. We present a security model that embodies this design in an experimental operating system, and we describe the implementation of our design and its performance in the context of this operating system.