The protection mechanisms of current mainstream op erating systems are inadequate to support confidentiality and integrity requirements for end systems. Mandatory access control (MAC) is needed to address such require ments, but the limitations of traditional MAC have in hibited its adoption into mainstream operating systems. The National Security Agency… (More)
The access control mechanisms of existing mainstream operating systems are inadequate to provide strong system security. Enhanced access control mechanisms have failed to win acceptance into mainstream operating systems due in part to a lack of consensus within the security community on the right solution. Since general-purpose operating systems must… (More)
The Android software stack for mobile devices defines and enforces its own security model for apps through its application-layer permissions model. However, at its foundation , Android relies upon the Linux kernel to protect the system from malicious or flawed apps and to isolate apps from one another. At present, Android leverages Linux dis-cretionary… (More)
Operating systems must be flexible in their support for security policies, providing sufficient mechanisms for supporting the wide variety of real-world security policies. Such flexibility requires controlling the propagation of access rights, enforcing fine-grained access rights and supporting the revocation of previously granted access rights. Previous… (More)
Strategic planning for the Radiation Therapy Committee of the Southwest Oncology Group (SWOG) is comprehensively evaluated every six years in an effort to maintain a current and relevant scientific focus, and to provide a standard platform for future development of protocol concepts. Participants in the 2008 Strategic Planning Workshop included clinical… (More)
Mandatory access controls that are flexible in their support for security policies and that are directly integrated into the service-providing components of the operating system will provide the greatest overall benefit to users. Current mainstream operating systems only provide discretionary access controls and place the burden of security on the… (More)
The question before the panel: Considering all factors (for example: quality of protection, performance, compatibility, ease of use), which operating system access control technique will provide the greatest overall benefit to users?