Marvin Schaefer

Learn More
One aspect of producing secure operating systems involves the confinement of programs. This paper discusses the program confinement problem as addressed by the developers of a retrofitted version of the IBM VM/370 virtual machine monitor. This version of the system (called KVM/370) uses a security-kernel architecture to provide a provably secure multi-level(More)
This paper provides an introspective retrospective on the history and development of the United States Department of Defense Trusted Computer System Evaluation Criteria (TCSEC). Known to many as the Orange Book, the TCSEC contained a distillation of what many researchers considered to be the soundest proven principles and practices for achieving graded(More)
I. SUMMARY This article is a retrospective of concepts and people who have contributed significantly to the IEEE Symposium on Security and Privacy over the past 30 years. • We identify many individuals who have contributed to SSP as program chairs, general chairs, and heads of the overseeing IEEE technical committee. • We recognize SSP participants who have(More)