In this paper, we introduce a new application isolation model which bases on Least-Privilege principle and Need-to-Know principle. Since this model is easy to implement, we call it the Feather-weight Application Isolation (FAI) model. This model is used to achieve the Process Permission Constraint (PPC) and classified Object Access Control (OAC). The model allows us to make application isolation depending on PPC policies and OAC policies. Compared with the existing complex isolation models such as sandboxes and virtual machines, the FAI model is simpler, and therefore it does not only meet the necessary security requirements but also increases the usability. To isolate applications and prevent classified objects of the applications from bei...
The purpose of ubiquitous computing is anywhere and anytime access to information within computing i...
Existing applications often contain security holes that are not patched until after the system has a...
this paper, we define an access control model with the following properties: (1) system administrato...
In this paper, we introduce a new application isolation model which bases on Least-Privilege princip...
This paper presents the functionality-based application confinement (FBAC) access control model. FBA...
Typical isolation models are studied and a New Application Security Isolation model called NASI is p...
With the rapid development of information technology, the secrutiy problems of information systems a...
Traditional user-oriented access control models such as Mandatory Access Control (MAC) and Discretio...
Under most widely-used security mechanisms the programs users run possess more authority than is str...
Traditional access control models and mechanisms struggle to contain the threats posed by malware an...
Modern client platforms, such as iOS, Android, Win-dows Phone 7, and Windows 8, have progressed from...
The economy-of-scale benefits of multi-tenancy are most compelling at the application level, as this...
Many operating system services require special privileges to execute their tasks. A programming erro...
Modern applications often involve processing of sensitive information. However, the lack of privileg...
Security is an essential feature and foremost concern to enterprise software systems. Today, applica...
The purpose of ubiquitous computing is anywhere and anytime access to information within computing i...
Existing applications often contain security holes that are not patched until after the system has a...
this paper, we define an access control model with the following properties: (1) system administrato...
In this paper, we introduce a new application isolation model which bases on Least-Privilege princip...
This paper presents the functionality-based application confinement (FBAC) access control model. FBA...
Typical isolation models are studied and a New Application Security Isolation model called NASI is p...
With the rapid development of information technology, the secrutiy problems of information systems a...
Traditional user-oriented access control models such as Mandatory Access Control (MAC) and Discretio...
Under most widely-used security mechanisms the programs users run possess more authority than is str...
Traditional access control models and mechanisms struggle to contain the threats posed by malware an...
Modern client platforms, such as iOS, Android, Win-dows Phone 7, and Windows 8, have progressed from...
The economy-of-scale benefits of multi-tenancy are most compelling at the application level, as this...
Many operating system services require special privileges to execute their tasks. A programming erro...
Modern applications often involve processing of sensitive information. However, the lack of privileg...
Security is an essential feature and foremost concern to enterprise software systems. Today, applica...
The purpose of ubiquitous computing is anywhere and anytime access to information within computing i...
Existing applications often contain security holes that are not patched until after the system has a...
this paper, we define an access control model with the following properties: (1) system administrato...