Ray Spencer, Stephen Smalley, Peter Loscocco, Mike Hibler, David Andersen, Jay Lepreau  Home/Search
Context Related
| utah.edu/flux/pape...usenixsec99.ps.gz utah.edu/~sds/flask.ps.gz ktsi.com/carlos/papers/99...spencer.pdf Cached: PS.gz PS PDF This document uses CoBlitz to cache paper downloads. If your firewall is blocking outgoing connections to port 3125, you can use these links to download local copies.
Image Update HelpPS.gz PS PDF From: utah.edu/flux/papers/index (more) From: utah.edu/~sds/flaskabs (Enter author homepages) |
Rate this article:      (best)Comment on this article |
Abstract: Operating systems must be flexible in their support for security policies, providing sufficient mechanisms for supporting the wide variety of real-world security policies. Such flexibility requires controlling the propagation of access rights, enforcing fine-grained access rights and supporting the revocation of previously granted access rights. Previous systems are lacking in at least one of these areas. In this paper we present an operating system security architecture that solves these... (Update)
Cited by: More
A Survey of Kernel-Middleware Interaction in Support of.. - McKinley (2004) (Correct)
A Survey of Some Implementation Techniques for Security Membranes - Lacoste (Correct)
LOMAC: Low Water-Mark Integrity Protection for COTS.. - Timothy Fraser Nai (2000) (Correct)
Active bibliography (related documents): More All
7.1: The Flask Security Architecture: System Support.. - Spencer, Smalley, .. (1998) (Correct)
0.6: Microkernels Meet Recursive Virtual Machines - Ford, Hibler, Lepreau.. (1996) (Correct)
0.4: Developing and Using a "Policy Neutral" Access Control.. - Olawsky, Fine.. (1996) (Correct)
Similar documents based on text: More All
0.2: The DataSafe Failure Recovery Mechanism in the Flask.. - Scheuerl, Connor.. (1996) (Correct)
0.1: Active Protocols for Agile Censor-Resistant Networks - Robert Ricci Jay (2001) (Correct)
0.1: Concurrent Shadow Paging in the Flask Architecture - Munro, Connor, Morrison.. (1994) (Correct)
Related documents from co-citation: More All
10: SLIC: An Extensibility System for Commodity Operating Systems - Ghormley, Rodrigues et al. - 1998
10: Hardening COTS Software with Generic Software Wrappers - Fraser, Badger et al. - 1999
9: A Secure Environment for Untrusted Helper Applications --- Confining the Wily Ha.. - Goldberg, Wagner et al. - 1996
BibTeX entry: (Update)
Ray Spencer, Stephen Smalley, Peter Loscocco, Mike hibler, David Anderson, Jay Lepreau, The Flask Security Architecture: System Support for Diverse Security Policies Univ. of Utah Technical Report UUCS-98-014, August, 1998. http://citeseer.ist.psu.edu/spencer98flask.html More
@techreport{ spencer98flask,
author="Ray Spencer and Stephen Smalley and Peter Losocco and Mike Hibler and David Andersen and Jay Lepreau",
title="The Flask Security Architecture: System Support for Diverse Security Policies"
year=1998,
mon=aug,
number="UUCS-98-014",
url = "citeseer.ist.psu.edu/spencer98flask.html" }
Citations (may not include all citations):412 Security Architecture for the Internet Protocol (context) - Kent, Atkinson - 1998
175 Dealing With Disaster: Surviving Misbehaved Kernel Extension.. - Seltzer, Endo et al. - 1996
175 A Secure Environment for Untrusted Helper Applications - Goldberg, Wagner et al. - 1996
155 Secure Computer Systems: Mathematical Foundations and Model (context) - Bell, Padula - 1973
126 Vnodes: An Architecture for Multiple File System Types in Su.. - Kleiman - 1986
124 Internet Security Association and Key Management Protocol - Maughan, Schertler et al. - 1998
118 Extensible Security Architectures for Java - Wallach, Balfanz et al. - 1997
118 Role-Based Access Control - Ferraiolo, Cugini et al. - 1995
101 The Multics System : An Examination of its Structure (context) - Organick - 1972
92 Microkernels Meet Recursive Virtual Machines - Ford, Hibler et al. - 1996
78 and Performance in the SPIN Operating System (context) - Bershad, Savage et al. - 1995
73 An Overview of the Spring System - Mitchell, Gibbons et al. - 1994
54 A Practical Alternative to Hierarchical Integrity Policies (context) - Boebert, Kain - 1985
52 Building a Secure Computer Systems (context) - Gasser - 1988
49 mmp: An Experimental Computer System (context) - Wulf, Levin et al. - 1981
48 A Secure Identity-Based Capability System - Gong - 1989
41 The Flux OSKit: A Substrate for OS and Language Research (context) - Ford, Back et al. - 1997
24 An Augmented Capability Architecture to Support Lattice Secu.. (context) - Karger, Herbert - 1984
24 mechanism separation in Hydra (context) - Levin, Cohen et al. - 1975
23 Beyond the pale of MAC and DAC - defining new forms of acces.. (context) - McCollum, Messing et al. - 1990
22 On Access Checking in CapabilityBased Systems - Kain, Landwehr - 1986
21 Interface and Execution Models in the Fluke Kernel - Ford, Hibler et al. - 1999
21 Using Kernel Hypervisors to Secure Applications (context) - Mitchem, Lu et al. - 1997
21 Operating System Protection for Fine-Grained Programs - Jaeger, Liedtke et al. - 1998
20 Operating Systems Review (context) - Hardy, Deputy - 1988
18 Assuring Distributed Trusted Mach - Fine, Minear - 1993
16 Providing Policy Control Over Object Operations in a Mach Ba.. - Minear - 1995
16 User-Centered Security (context) - Zurko, Simon - 1996
16 Providing Policy-Neutral and Transparent Access Control in E.. - Grimm, Bershad - 1999
14 the Need for a Third Form of Access Control (context) - Graubart - 1989
14 The ARBAC97 Model for Role-Based Administration of Roles: Pr.. - Sandhu, Bhamidipati et al. - 1997
12 A Comparison of Methods for Implementing Adaptive Security P.. (context) - Carney, Loe - 1998
11 Mach 3 Kernel Interfaces (context) - Loepere - 1992
9 A Generalized Framework for Access Control: An Informal Desc.. (context) - Abrams, LaPadula et al. - 1990
9 Security in KeyKOS (context) - Rajunas, Hardy et al. - 1986
8 Renewed Understanding of Access Control Policies (context) - Abrams - 1993
7 Policy Neutral (context) - Olawsky, Fine et al. - 1996
6 Ensuring Continuity During Dynamic Security Policy Reconfigu.. (context) - Fraser, Badger - 1998
5 Implementing Mandatory Network Security in a Policy-flexible.. - Chitturi - 1998
5 Security in a Secure Capability-Based System (context) - Landau - 1989
4 Towards a New Strategy of OS Design (context) - Bushnell - 1994
4 DTOS Generalized Security Policy Specification (context) - Corp - 1997
3 New Methods for Immediate Revocation (context) - Karger - 1989
3 Assurance in the Fluke Microkernel: Formal Top-Level Specifi.. (context) - Corp - 1999
3 Clans and Chiefs (context) - Liedtke - 1992
2 line documentation included in the Spring Research Distribut.. (context) - Inc, Guide - 1995
2 An Analysis of Application Specific Security Policies (context) - Sterne, Branstad et al. - 1991
2 Assurance in the Fluke Microkernel: Formal Security Policy M.. (context) - Corp - 1999
2 Selective Revocation of Capabilities (context) - Redell, Fabry - 1974
2 Technical Report Technical Report MS-CIS (context) - Shapiro, System - 1997
2 Identification of Subjects and Objects in a Trusted Extensib.. (context) - Benzel, Sebes et al. - 1995
2 A Comparison of Secure Unix Operating Systems (context) - Wong - 1990
The graph only includes citing articles where the year of publication is known.
Documents on the same site (http://www.cs.utah.edu/flux/papers/index.html): More
Separating Presentation from Interface in RPC and IDLs - Ford, Hibler, Lepreau (1994) (Correct)
Microkernels Should Support Passive Objects - Ford, Lepreau (1993) (Correct)
CPU Inheritance Scheduling - Bryan Ford (1996) (Correct)
Online articles have much greater impact More about CiteSeer.IST Add search form to your site Submit documents Feedback
CiteSeer.IST - Copyright Penn State and NEC