Protection in the BirliX operating system

The user-interface-level and implementation-level protection mechanisms of the BirliX operating system are described and motivated. Descriptions are provided of subject restriction and object protection as complementary user-interface-level mechanisms for enforcing security policies by building small domains of protection. Traceability is used as a basis for tracing back violations of policies to answerable humans.<<ETX>>

[1]  Jerome H. Saltzer,et al.  Protection and the control of information sharing in multics , 1974, CACM.

[2]  Andrew P. Black,et al.  The Eden System: A Technical Review , 1985, IEEE Transactions on Software Engineering.

[3]  Bruce G. Lindsay,et al.  Object Migration and Authentication , 1979, IEEE Transactions on Software Engineering.

[4]  Helmut G. Stiegler A structure for access control lists , 1979, Softw. Pract. Exp..

[5]  Dorothy E. Denning,et al.  Cryptography and Data Security , 1982 .

[6]  Eugene H. Spafford,et al.  The internet worm program: an analysis , 1989, CCRV.

[7]  Jeffrey I. Schiller,et al.  An Authentication Service for Open Network Systems. In , 1998 .

[8]  F. T. Grampp,et al.  The UNIX system UNIX operating system security , 1984, AT&T Bell Laboratories Technical Journal.

[9]  Carole B. Hogan Protection imperfect: the security of some computing environments , 1988, OPSR.

[10]  David K. Gifford Cryptographic sealing for information secrecy and authentication , 1982, CACM.

[11]  Roger M. Needham,et al.  Using encryption for authentication in large networks of computers , 1978, CACM.

[12]  Roger M. Needham,et al.  Authentication revisited , 1987, OPSR.

[13]  Mahadev Satyanarayanan,et al.  Integrating security in a large distributed system , 1989, TOCS.

[14]  Fred Cohen A cryptographic checksum for integrity protection , 1987, Comput. Secur..

[15]  David P. Anderson,et al.  A Protocol for Secure Communication in Large Distributed Systems , 1987 .

[16]  Peter J. Denning,et al.  Protection: principles and practice , 1972, AFIPS '72 (Spring).

[17]  Ken Thompson,et al.  Password security: a case history , 1979, CACM.

[18]  Jerome H. Saltzer,et al.  The protection of information in computer systems , 1975, Proc. IEEE.

[19]  David D. Clark,et al.  A Comparison of Commercial and Military Computer Security Policies , 1987, 1987 IEEE Symposium on Security and Privacy.

[20]  Paul A. Karger,et al.  Limiting the Damage Potential of Discretionary Trojan Horses , 1987, 1987 IEEE Symposium on Security and Privacy.