We describe a new design for authorization in operating systems in which applications are first-class entities. In this design, principals reflect application identities. Access control lists are patterns that recognize principals. We present a security model that embodies this design in an experimental operating system, and we describe the implementation of our design and its performance in the context of this operating system. Categories and Subject Descriptor
As part of the access control process an authorization decision needs to be taken based on a certain...
Nexus Authorization Logic (NAL) provides a principled basis for specifying and reasoning about crede...
Abstract — Modern client platforms, such as iOS, Android, Windows Phone, Windows 8, and web browsers...
We describe a new design for authorization in operating systems in which applications are first-clas...
We describe a new design for authorization in operating systems. In this design two additional units...
We describe a new design for authentication and access control. In this design, principals embody a ...
Sub-Operating Systems: A New Approach to Application Security Users regularly exchange apparently in...
Security is an essential feature and foremost concern to enterprise software systems. Today, applica...
Application security is typically coded in the application. In kernelSec, we are investigating mecha...
Abstract. Applications typically rely on the operating system to en-force access control policies su...
Users regularly exchange apparently innocuous data files using email and ftp. While the users view t...
Users regularly exchange apparently innocuous data files using email and ftp. While the users view t...
Commercial operating systems have recently introduced mandatory access controls (MAC) that can be us...
We propose sub-identities, a new model for protection domains in the operating system. In this model...
An important component of a programming language for writing operating systems, or other large para...
As part of the access control process an authorization decision needs to be taken based on a certain...
Nexus Authorization Logic (NAL) provides a principled basis for specifying and reasoning about crede...
Abstract — Modern client platforms, such as iOS, Android, Windows Phone, Windows 8, and web browsers...
We describe a new design for authorization in operating systems in which applications are first-clas...
We describe a new design for authorization in operating systems. In this design two additional units...
We describe a new design for authentication and access control. In this design, principals embody a ...
Sub-Operating Systems: A New Approach to Application Security Users regularly exchange apparently in...
Security is an essential feature and foremost concern to enterprise software systems. Today, applica...
Application security is typically coded in the application. In kernelSec, we are investigating mecha...
Abstract. Applications typically rely on the operating system to en-force access control policies su...
Users regularly exchange apparently innocuous data files using email and ftp. While the users view t...
Users regularly exchange apparently innocuous data files using email and ftp. While the users view t...
Commercial operating systems have recently introduced mandatory access controls (MAC) that can be us...
We propose sub-identities, a new model for protection domains in the operating system. In this model...
An important component of a programming language for writing operating systems, or other large para...
As part of the access control process an authorization decision needs to be taken based on a certain...
Nexus Authorization Logic (NAL) provides a principled basis for specifying and reasoning about crede...
Abstract — Modern client platforms, such as iOS, Android, Windows Phone, Windows 8, and web browsers...
DOI
Add to ORKG