Operating System Structures to Support Security and Reliable Software

@article{Linden1976OperatingSS,
  title={Operating System Structures to Support Security and Reliable Software},
  author={Theodore A. Linden},
  journal={ACM Comput. Surv.},
  year={1976},
  volume={8},
  pages={409-445}
}
Security has become an important and challenging goal in the design of computer systems. This survey focuses on two system structuring concepts that support security: small protection domains and extended-type objects. These two concepts are especially promising because they also support reliable software by encouraging and enforcing highly modular software structures--in both systems software and in applications programs. Small protection domains allow each subunit or module of a program to be…
A proposal for an architectural approach which apparently solves all known software-based internal computer security problems
This solution proposes and develops an architectural approach which manages a sophisticated capability-based addressing system entirely in hardware; it tends to be somewhat hardware intensive in that it requires unusual amounts of control and memory not available to any user.

Operating System Security
From this book, systems designers and implementors will learn the requirements for operating systems that effectively enforce security and will better understand how to manage the balance between function and security.

A security policy for a profile-oriented operating system
A security policy for a profile-oriented operating system is described that is adopted from state-of-the-art security properties designed to meet even the strict security requirements of the…

A Unifying Approach to the Design of a Secure Database Operating System
The new database operating system organization and the logical information model are presented in detail. The design of the security subsystem is based on the access control model, extended with Boolean predicates to produce an access control model capable of enforcing content-dependent security policies.

APPLICATION OF FORMAL LANGUAGE THEORY TO PROBLEMS OF SECURITY AND SYNCHRONIZATION
The chapter discusses how the use of formal language theory allows one to analyze completely the behavior of a concrete security system.

An Architecture Supporting Security and Persistent Object Storage
Persistent storage concepts provide an abstraction from the conventional main memory/external memory separation, and on-chip support for permanent checking of object type and rights is based upon a capability implementation.

Information Protection by Method Base Systems
It is shown that a number of measures must accompany this solution in order to be effective: a method base, the control of sets of data, and a hierarchical system structure.

Linux Security Module Framework
Computer security is a chronic and growing problem, even for Linux, as evidenced by the seemingly endless stream of software security vulnerabilities. Security research has produced numerous access…

Data Security: The 1100/90 as a Closed, Fault-Tolerant Environment
This paper presents an overview of the protection mechanisms built into the 1100/90 and how they implement a fault-tolerant, closed environment, and specifies the problem in terms of current expectations of reliability and security.

Operating system security: a tutorial of current research
This tutorial is extracted from the recently completed monograph, Computer Security: Its Problems and Solutions [3], and is intended as a technical review of research in the areas of operating system…
