Boebert, E. et al. 1985. Secure Ada Target: Issues, system design, and verification. IEEE Symposium on Security and Privacy, Oakland, CA, pp 176-183.
....expensive. And for an integrity policy it is always necessary to trust some application code. It seems that the best we can do is to apply the kernel method again, putting the code that must be trusted into separate components which are protected subsystems. The operating system must support this [Boebert 1985]. See section 3.1.3 for more on this subject. In many systems any application program running on behalf of a user has full access to all objects that the user has. This is considered acceptable on the assumption that the program, even if not trusted to always do the right thing, is unlikely to ....
....support the construction of what sometimes have been called protected subsystems, so that application developers can build systems which are protected from user software and from other applications, without subverting the basic security services offered by the operating system. The LOCK system [Boebert 1985], a trusted operating system program funded by the NCSC, incorporates an elaborate set of security facilities which may be an appropriate model for the sort of operating system constructs that are required for secure application development. This system, which is designed as an adjunct to various ....
Boebert, E. et al. 1985. Secure Ada Target: Issues, system design, and verification. IEEE Symposium on Security and Privacy, Oakland, CA, pp 176-183.
....met with varying degrees of success. Many security kernel projects are reported in the literature: PSOS [Feiertag 79, Neumann 77], KSOS [McCauley 79, Berson 79], UCLA Secure Unix project [Popek 79, Walker 80], KVM 370 [Gold 79] and SCOMP [Fraim 83]. The Secure Ada Target (SAT, now called LOCK) [Boebert 85] is an ongoing project at Honeywell. Landwehr [Landwehr 83] gives a useful summary of the state of the art circa 1983. Rushby criticizes the kernel approach to system security [Rushby 81b]. We do not repeat his argument, but point out that the alternative approach to security which he proposes ....
W.E. Boebert, W.D. Young, R.Y. Kain, S.A. Hansohn. Secure Ada Target: Issues, System, Design, and Verification. In Proceedings of the Symposium on Security and Privacy, pages 176-183. 1985.
....level language programs required choosing a verifiable source language. Gypsy 2.05 was an obvious choice. It is an integrated programming and specification language which has been the language of choice for many secure system development efforts [Smith 81, Keeton Williams 82, Siebert 84, Good 84, Boebert 85]. Processing of the language and constructing proofs of Gypsy programs is carried out within a mechanized verification environment [GoodDivitoSmith 88]. The language has an elegant semantics which is restrictive enough to facilitate compilation. Moreover, the semantics has been largely formalized ....
W.E. Boebert, W.D. Young, R.Y. Kain, S.A. Hansohn. Secure ADA Target: Issues, System Design, and Verification. In Proceedings of the IEEE Symposium on Security and Privacy. 1985.
W.E. Boebert, W.D. Young, R.Y. Kain, S.A. Hansohn. Secure Ada Target: Issues, System, Design, and Verification. In Proceedings of the Symposium on Security and Privacy, pages 176-183. 1985.