The BirliX Security Architecture

A security architecture is a complete frame work that allows to enforce coexisting ap plication and environment speci c security policies by applying security mechanisms in a consistent manner It is argued that such a security architecture can be derived smoothly from an object oriented architec ture such as BirliX BirliX applications run on an abstract ma chine that provides types and instances Ap plications are clusters of instances that in voke methods on each other The BirliX Se curity Architecture provides means to con trol the invocations access control and to control the enforcement of the abstract ma chine infrastructure Both access control and infrastructure are controlled by users respectively systems ad ministrators to support application depen dent security policies

[1]  Oliver C. Kowalski,et al.  Protection in the BirliX operating system , 1990, Proceedings.,10th International Conference on Distributed Computing Systems.

[2]  D. Elliott Bell,et al.  Secure Computer System: Unified Exposition and Multics Interpretation , 1976 .

[3]  Jochen Liedtke,et al.  Clans & Chiefs , 1992, ARCS.

[4]  Jeffrey I. Schiller,et al.  An Authentication Service for Open Network Systems. In , 1998 .

[5]  Virgil D. Gligor,et al.  A formal specification and verification method for the prevention of denial of service , 1988, Proceedings. 1988 IEEE Symposium on Security and Privacy.

[6]  H. Hartig,et al.  Operating system(s) on top of persistent object systems-the BirliX approach , 1992, Proceedings of the Twenty-Fifth Hawaii International Conference on System Sciences.

[7]  Chris Mitchell,et al.  Security defects in CCITT recommendation X.509: the directory authentication framework , 1990, CCRV.

[8]  Morrie Gasser,et al.  The Digital Distributed System Security Architecture , 1989 .

[9]  Andrew P. Black,et al.  The Eden System: A Technical Review , 1985, IEEE Transactions on Software Engineering.

[10]  Jon A. Rochlis,et al.  With microscope and tweezers: an analysis of the Internet virus of November 1988 , 1989, Proceedings. 1989 IEEE Symposium on Security and Privacy.

[11]  Jonathan K. Millen,et al.  A resource allocation model for denial of service , 1992, Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy.

[12]  Butler W. Lampson,et al.  Authentication in distributed systems , 1993 .

[13]  Michael Groß,et al.  Vertrauenswürdiges Booten als Grundlage authentischer Basissysteme , 1991, VIS.