Escort is the security architecture for Scout, a configurable operating system designed for network appli-ances. Scout is unique in that it is designed around paths—a communication-centric abstraction that en-capsulates information flows through the system—rather than the more traditional processes and servers. Scout uses paths to make end-to-end resource allocation decisions. Escort extends this idea to isolate these information flows, as well as to provide end-to-end accountability. This paper introduces the Escort security architecture, shows how it can be used to enforce common security policies, and evaluates its design according to several well-established criteria
In current commodity systems, applications have no way of limiting their trust in the underlying ope...
Usage control is an extension of access control that additionally defines what must and must not hap...
Operating systems must be flexible in their support for security policies, providing sufficient mech...
Escort is the security architecture for Scout, a configurable operating system designed for network ...
It is becoming increasingly common to find special-purpose communication devices--Information Applia...
We describe a two-dimensional architecture for defend-ing against denial of service attacks. In one ...
In this paper an alternative framework to the OSI security model is presented. An identification of ...
The connection of an internal network to an external network such as Internet has made it vulnerable...
Network defense implies a comprehensive set of software tools to preclude malicious entities from co...
World is growing with the emerging technologies The computer networks and packet transmission syste...
The foundation for security enforcement is access control. Re-sources must be protected against acce...
This dissertation shows that information assurance properties can be both specified within a formal ...
Operating systems must be flexible in their support for security policies, providing sufficient mech...
The evaluation of computer systems has been an important issue for many years, as evidenced by the i...
A trusted path is a protected channel that assures the secrecy and authenticity of data transfers be...
In current commodity systems, applications have no way of limiting their trust in the underlying ope...
Usage control is an extension of access control that additionally defines what must and must not hap...
Operating systems must be flexible in their support for security policies, providing sufficient mech...
Escort is the security architecture for Scout, a configurable operating system designed for network ...
It is becoming increasingly common to find special-purpose communication devices--Information Applia...
We describe a two-dimensional architecture for defend-ing against denial of service attacks. In one ...
In this paper an alternative framework to the OSI security model is presented. An identification of ...
The connection of an internal network to an external network such as Internet has made it vulnerable...
Network defense implies a comprehensive set of software tools to preclude malicious entities from co...
World is growing with the emerging technologies The computer networks and packet transmission syste...
The foundation for security enforcement is access control. Re-sources must be protected against acce...
This dissertation shows that information assurance properties can be both specified within a formal ...
Operating systems must be flexible in their support for security policies, providing sufficient mech...
The evaluation of computer systems has been an important issue for many years, as evidenced by the i...
A trusted path is a protected channel that assures the secrecy and authenticity of data transfers be...
In current commodity systems, applications have no way of limiting their trust in the underlying ope...
Usage control is an extension of access control that additionally defines what must and must not hap...
Operating systems must be flexible in their support for security policies, providing sufficient mech...