Neumann, P., Robinson, L., Levitt, K. N., Boyer, R. S., and Saxena, A. R., "A Provably Secure Operating System," Stanford Research Institute: Menlo Park, CA (1975).  Home/Search   Document Not in Database   Summary   Related Articles   Check

....Second RAID Conference Page 11 . How do we determine the basic characteristic set for any vulnerability . How do we integrate layers of abstraction into this methodology There are no consistent definitions of the specific layers (for example, the THE system has 6 layers [Dijk68] PSOS has 15 [NeRL75]) So this needs to be done on a per system basis. Can characteristics be defined so that, as one refines the higher level characteristics, one can break them into consistent sets of lower level characteristics The development questions are: How effective are tools that look for ....

Neumann, P., Robinson, L., Levitt, K. N., Boyer, R. S., and Saxena, A. R., "A Provably Secure Operating System," Stanford Research Institute: Menlo Park, CA (1975).

....Much has been written about this classic problem but the previous attempts to deal with it formally and mechanically have been incomplete. We have in mind specifically the work related to the SRI Hierarchical Design Methodology [16] and its use in the Provably Secure Operating System (PSOS) [14] and the Software Implemented Fault Tolerant (SIFT) operating system [11, 18] While virtually all of the issues are correctly intuited, we personally find great joy in seeing their formalization and mechanization. Piton was implemented on top of another verified system, namely FM8502. This ....

P. G. Neumann, L. Robinson, K. Levitt, R. Boyer, A. Saxena. A Provably Secure Operating System. Tech. Rept. CSL-116, Computer Science Laboratory, SRI International, 1977.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC