We describe a new design for authorization in operating systems in which applications are first-class entities. In this design, prin-cipals reflect application identities. Access control lists are pat-terns that recognize principals. We present a security model that embodies this design in an experimental operating system, and we describe the implementation of our design and its performance in the context of this operating system. Categories and Subject Descriptor
As part of the access control process an authorization decision needs to be taken based on a certain...
AbstractThe privilege in the operating system (OS) often results in the break of confidentiality and...
Users regularly exchange apparently innocuous data files using email and ftp. While the users view t...
We describe a new design for authorization in operating systems in which applications are first-clas...
We describe a new design for authorization in operating systems. In this design two additional units...
We describe a new design for authentication and access control. In this design, principals embody a ...
Sub-Operating Systems: A New Approach to Application Security Users regularly exchange apparently in...
Security is an essential feature and foremost concern to enterprise software systems. Today, applica...
Abstract. Applications typically rely on the operating system to en-force access control policies su...
An important component of a programming language for writing operating systems, or other large para...
Users regularly exchange apparently innocuous data files using email and ftp. While the users view t...
Application security is typically coded in the application. In kernelSec, we are investigating mecha...
Commercial operating systems have recently introduced mandatory access controls (MAC) that can be us...
Nexus Authorization Logic (NAL) provides a principled basis for specifying and reasoning about crede...
Abstract — Modern client platforms, such as iOS, Android, Windows Phone, Windows 8, and web browsers...
As part of the access control process an authorization decision needs to be taken based on a certain...
AbstractThe privilege in the operating system (OS) often results in the break of confidentiality and...
Users regularly exchange apparently innocuous data files using email and ftp. While the users view t...
We describe a new design for authorization in operating systems in which applications are first-clas...
We describe a new design for authorization in operating systems. In this design two additional units...
We describe a new design for authentication and access control. In this design, principals embody a ...
Sub-Operating Systems: A New Approach to Application Security Users regularly exchange apparently in...
Security is an essential feature and foremost concern to enterprise software systems. Today, applica...
Abstract. Applications typically rely on the operating system to en-force access control policies su...
An important component of a programming language for writing operating systems, or other large para...
Users regularly exchange apparently innocuous data files using email and ftp. While the users view t...
Application security is typically coded in the application. In kernelSec, we are investigating mecha...
Commercial operating systems have recently introduced mandatory access controls (MAC) that can be us...
Nexus Authorization Logic (NAL) provides a principled basis for specifying and reasoning about crede...
Abstract — Modern client platforms, such as iOS, Android, Windows Phone, Windows 8, and web browsers...
As part of the access control process an authorization decision needs to be taken based on a certain...
AbstractThe privilege in the operating system (OS) often results in the break of confidentiality and...
Users regularly exchange apparently innocuous data files using email and ftp. While the users view t...