An Augmented Capability Architecture to Support Lattice Security and Traceability of Access
作者: Paul A. Karger , Andrew J. Herbert
关键词:
摘要: This paper describes a protection system that supports the confinement of access as required by non-discretionary control models such Bell and LaPadula lattice model. The approach is to use capability-based at lowest level for implementing confined domains, in support lists expressing security policies outside kernel. implementation context hardware capabilities discussed.
computer.org
ieeecomputersociety.org参考文章(10)
Steven B. Lipner, Non-Discretionery Controls for Commercial Applications ieee symposium on security and privacy. pp. 2- 2 ,(1982) , 10.1109/SP.1982.10022
G. J. Myers, B. R. S. Buckingham, A hardware implementation of capability-based addressing ACM SIGOPS Operating Systems Review. ,vol. 14, pp. 13- 25 ,(1980) , 10.1145/850708.850709
Steven B. Lipner, A comment on the confinement problem ACM SIGOPS Operating Systems Review. ,vol. 9, pp. 192- 196 ,(1975) , 10.1145/1067629.806537
William B. Ackerman, William W. Plummer, An implementation of a multiprocessing computer system symposium on operating systems principles. pp. 5- ,(1967) , 10.1145/800001.811666
Michael D. Schroeder, Jerome H. Saltzer, A hardware architecture for implementing protection rings Communications of the ACM. ,vol. 15, pp. 157- 170 ,(1972) , 10.1145/361268.361275
Butler W. Lampson, Howard E. Sturgis, Reflections on an operating system design Communications of the ACM. ,vol. 19, pp. 251- 265 ,(1976) , 10.1145/360051.360074
Butler W. Lampson, A note on the confinement problem Communications of the ACM. ,vol. 16, pp. 613- 615 ,(1973) , 10.1145/362375.362389
G. Scott Graham, Peter J. Denning, Protection Proceedings of the November 16-18, 1971, fall joint computer conference on - AFIPS '71 (Fall). pp. 417- 429 ,(1971) , 10.1145/1478873.1478928
Jack B. Dennis, Earl C. Van Horn, Programming semantics for multiprogrammed computations Communications of the ACM. ,vol. 26, pp. 29- 35 ,(1983) , 10.1145/357980.357993
J. F. SCHEID, P. D. WARD, B. D. GOLD, R. R. LINDE, R. J. PEELER, M. SCHAEFER, A security retrofit of VM/370 1979 International Workshop on Managing Requirements Knowledge (MARK). ,(1979) , 10.1109/MARK.1979.8817181