23 citations found.
P. G. Neumann, R. S. Boyer, R. J. Feiertag, K. N. Levitt, and L. Robinson. A provably secure operating system: The system, its applications, and proofs. Technical Report CSL-116, Computer Science Laboratory, SRI International, 1980.


This paper is cited in the following contexts:
Design and Verification of Secure Systems - Rushby (1981)   (20 citations)  (Correct)

....technique. In fact, it is doubtful whether that model really provides a sound basis for the verification of any sort of security kernel but then it was not formulated for that purpose. Feiertag's model was intended to provide a basis for verifying the Secure Object Manager (SOM) of PSOS [22] for which purpose it is eminently suitable. The model formulates a specification of multilevel security for a system which consumes inputs that are tagged with their security classifications and produces similarly tagged outputs. Ordinary programs, such as the SOM or a file server, are sound ....

P. G. Neumann, R. S. Boyer, R. J. Feiertag, K. N. Levitt, and L. Robinson. A provably secure operating system: The system, its applications, and proofs. Technical report, SRI International, May 1980. Second Edition, Report CSL116.


Verifying the EROS Confinement Mechanism - Shapiro, Weber (2000)   (Correct)

....there is no provision in the Rushby formulation for the actions of the step function to revise the security assertions as access rights are legitimately propagated or mandatory constraints are revised. Neumann et al. constructed extensive proof synthesis mechanisms in connection with PSOS [12]. While a proof sketch of the security properties of this system was included in the report, no proof of correctness for confinement in the PSOS system has been published. The proof sketched in the report fails to demonstrate that the operational semantics of the system architecture actually satis ....

P. G. Neumann, R. S. Boyer, R. J. Feiertag, K. N. Levitt, and L. Robinson. A Provably Secure Operating System: The System, Its Applications, and Proofs. Technical Report CSL116, Computer Science Laboratory, May 1980.


Kit: A Study in Operating System Verification - Bevier (1989)   (23 citations)  (Correct)

....policy, implement the kernel, and prove the implementation correct. Some projects were intended to complete only an initial portion of this sequence of goals. The goals were met with varying degrees of success. Many security kernel projects are reported in the literature: PSOS [Feiertag 79, Neumann 77], KSOS [McCauley 79, Berson 79], UCLA Secure Unix project [Popek 79, Walker 80], KVM 370 [Gold 79], and SCOMP [Fraim 83]. The Secure Ada Target (SAT, now called LOCK) [Boebert 85] is an ongoing project at Honeywell. Landwehr [Landwehr 83] gives a useful summary of the state of the art circa 1983. ....

P.G. Neumann, R.S. Boyer, R.J. Feiertag, K.N. Levitt, L. Robinson. A Provably Secure Operating System: The System, Its Applications, and Proofs. Technical Report, SRI, February, 1977.


Extensible Security Architectures for Java - Wallach, Balfanz, Dean, Felten (1997)   (111 citations)  (Correct)

....This section discusses general issues for capabilities in Java, rather than specifics of the Electric Communities or JavaSoft systems. Dating back to the 1960s, hardware and software based capability systems have often been seen as a good way to structure a secure operating system [Hardy 1985; Neumann et al. 1980; Tanenbaum et al. 1986]. Fundamentally, a capability is an unforgeable pointer to a controlled system resource. To use a capability, a program must have been first explicitly given that capability, either as part of its initialization or as the result of calling another capability. Once a ....

NEUMANN, P. G., BOYER, R. S., FEIERTAG, R. J., LEVITT, K. N., AND ROBINSON, L. 1980. A provably secure operating system: The system, its applications, and proofs. Tech. Rep. CSL-116, 2nd Ed., SRI International.


Goals for Computer Security Education - Cynthia Irvine (1996)   (1 citation)  (Correct)

....problem [6]. They would learn how security policies and their mathematical formulations, e.g. [2, 8], provide a blueprint for constructing a system intended to provide policy enforcement. Students could start by seeing how systems with assured security properties were built in the past, e.g. [9] and [11]. Tracing the application and extension of basic security principles through the evolving technology to the hottest developments emerging from industry, the educational program would prepare students to understand how these concepts might be applied in the future. Needless to say hefty ....

P. Neumann, R.S. Boyer, R. J. Feiertag, K. N. Levitt, and L. Robinson. A Provably Secure Operating System: The System, Its Applications and Proofs. Technical Report CSL-116, SRI International, Menlo Park, CA, May 1980.


Extensible Security Architectures for Java - Wallach (1997)   (111 citations)  (Correct)

....section discusses general issues for implementing capabilities in Java, rather than specifics of the Electric Communities or JavaSoft implementations. Dating back to the 1960s, hardware and software-based capability systems have often been seen as a good way to structure a secure operating system [17, 30, 39]. Fundamentally, a capability is an unforgeable pointer to a controlled system resource. To use a capability, a program must have been first explicitly given that capability, either as part of its initialization or as the result of calling another capability. Once a capability has been given to a ....

NEUMANN, P. G., BOYER, R. S., FEIERTAG, R. J., LEVITT, K. N., AND ROBINSON, L. A provably secure operating system: The system, its applications, and proofs. Tech. Rep. CSL-116, 2nd Ed., SRI International, May 1980.


Achieving Principled Assuredly Trustworthy - Composable Systems And   Self-citation (Neumann)   (Correct)

No context found.

P.G. Neumann, R.S. Boyer, R.J. Feiertag, K.N. Levitt, and L. Robinson. A Provably Secure Operating System: The system, its applications, and proofs. Technical report, Computer Science Laboratory, SRI International, Menlo Park, California, May 1980. 2nd ed., Report CSL-116.


PSOS Revisited - Neumann, Feiertag (2003)   (1 citation)  Self-citation (Neumann Feiertag)   (Correct)

No context found.

P.G. Neumann, R.S. Boyer, R.J. Feiertag, K.N. Levitt, and L. Robinson. A Provably Secure Operating System: The system, its applications, and proofs. Technical report, Computer Science Laboratory, SRI International, Menlo Park, California, May 1980. 2nd edition, Report CSL-116.


Towards Verified Virtual Memory in L4 - Gerwin Klein And (2004)   (Correct)

No context found.

P. G. Neumann, R. S. Boyer, R. J. Feiertag, K. N. Levitt, and L. Robinson. A provably secure operating system: The system, its applications, and proofs. Technical Report CSL-116, Computer Science Laboratory, SRI International, 1980.


Formalising a High-Performance Microkernel - Kevin Elphinstone Gerwin   (Correct)

No context found.

P. G. Neumann, R. S. Boyer, R. J. Feiertag, K. N. Levitt, and L. Robinson. A provably secure operating system: The system, its applications, and proofs. Technical Report CSL-116, SRI International, 1980.


Formalising the L4 microkernel API - Rafal Kolanski Gerwin   (Correct)

No context found.

P. G. Neumann, R. S. Boyer, R. J. Feiertag, K. N. Levitt, and L. Robinson. A provably secure operating system: The system, its applications, and proofs. Technical Report CSL-116, SRI International, 1980.


Formalising the L4 microkernel API - Rafal Kolanski Gerwin   (Correct)

No context found.

P. G. Neumann, R. S. Boyer, R. J. Feiertag, K. N. Levitt, and L. Robinson. A provably secure operating system: The system, its applications, and proofs. Technical Report CSL-116, SRI International, 1980.


OS Verification --- Now! - Harvey Tuch Gerwin   (Correct)

No context found.

P. G. Neumann, R. S. Boyer, R. J. Feiertag, K. N. Levitt, and L. Robinson. A provably secure operating system: The system, its applications, and proofs. Technical Report CSL-116, SRI International, 1980.


OS Verification - Now! - Tuch, Klein, Heiser   (Correct)

No context found.

P. G. Neumann, R. S. Boyer, R. J. Feiertag, K. N. Levitt, and L. Robinson. A provably secure operating system: The system, its applications, and proofs. Technical Report CSL-116, SRI International, 1980.


A New Approach to Mobile Code Security - Wallach (1999)   (21 citations)  (Correct)

No context found.

Peter G. Neumann, Robert S. Boyer, Richard J. Feiertag, Karl N. Levitt, and Lawrence Robinson. A provably secure operating system: The system, its applications, and proofs. Technical Report CSL-116, 2nd Ed., SRI International, May 1980.


Paradigm Regained: Abstraction Mechanisms for Access Control - Miller, Shapiro (2003)   (2 citations)  (Correct)

No context found.

P. G. Neumann, R. S. Boyer, R. J. Feiertag, K. N. Levitt, L. Robinson. A Provably Secure Operating System: The System, Its Applications, and Proofs, CSL-116, Computer Science Laboratory, SRI International, Inc., May 1980.


Principled Assuredly Trustworthy Composable Architectures - Neumann (2004)   (2 citations)  (Correct)

No context found.

P.G. Neumann, R.S. Boyer, R.J. Feiertag, K.N. Levitt, and L. Robinson. A Provably Secure Operating System: The system, its applications, and proofs. Technical report, Computer Science Laboratory, SRI International, Menlo Park, California, May 1980. 2nd edition, Report CSL-116.


Verifying Operating System Security - Shapiro, Weber (1997)   (3 citations)  (Correct)

No context found.

P. G. Neumann, R. S. Boyer, R. J. Feiertag, K. N. Levitt, and L. Robinson. A Provably Secure Operating System: The System, Its Applications, and Proofs. Computer Science Laboratory Report CSL-116, Second Edition, May 7, 1980, SRI International.


A Verified Operating System Kernel - Bevier (1987)   (12 citations)  (Correct)

No context found.

P.G. Neumann, R.S. Boyer, R.J. Feiertag, K.N. Levitt, L. Robinson. A Provably Secure Operating System: The System, Its Applications, and Proofs. Technical Report, SRI, February, 1977.


Processing Visual Specifications of File System Security - Heydon (1992)   (3 citations)  (Correct)

No context found.

P. G. Neumann, R. S. Boyer, R. J. Feiertag, K. N. Levitt, and L. Robinson. A Provably Secure Operating System: The System, Its Applications, and Proofs, Second Edition. Technical Report CSL-116, SRI, May 1980.


A Family of Securable Protection Systems - Shapiro, Weber (1998)   (Correct)

No context found.

P. G. Neumann, R. S. Boyer, R. J. Feiertag, K. N. Levitt, and L. Robinson. A Provably Secure Operating System: The System, Its Applications, and Proofs. Computer Science Laboratory Report CSL-116, Second Edition, May 7, 1980, SRI International.


Analysis of a Technical Description of the Airbus A320 Braking.. - Ladkin (1995)   (2 citations)  (Correct)

No context found.

P.G. Neumann, R.S. Boyer, R.J. Feiertag, K.N. Levitt, and L. Robinson. A provably secure operating system: The system, its applications, and proofs. Technical Report CSL-116, SRI International, Menlo Park, CA, 1980. 2nd. edition.


Verifying Operating System Security - Shapiro, Weber (1997)   (3 citations)  (Correct)

No context found.

P. G. Neumann, R. S. Boyer, R. J. Feiertag, K. N. Levitt, and L. Robinson. A Provably Secure Operating System: The System, Its Applications, and Proofs. Computer Science Laboratory Report CSL-116, Second Edition, May 7, 1980, SRI International.


CiteSeer.IST - Copyright Penn State and NEC