{"title":"可扩展系统的安全性","authors":"R. Grimm, B. Bershad","doi":"10.1109/HOTOS.1997.595184","DOIUrl":null,"url":null,"abstract":"The recent trend towards dynamically extensible systems, such as Java, SPIN or VINO, promises more powerful and flexible systems. At the same time, the impact of extensibility on overall system security and, specifically, on access control is still ill understood, and protection mechanisms in these extensible systems are rudimentary at best. We identify the structure of extensible systems as it relates to system security and postulate an initial model for access control. This model extends the discretionary access control of traditional operating systems to encompass extensions and, by using ideas explored by the security community, introduces a notion of mandatory access control. While a new access control model does not address all aspects of system security, we believe that it can serve as a solid foundation for developing a fully featured and flexible security model for extensible systems.","PeriodicalId":176246,"journal":{"name":"Proceedings. The Sixth Workshop on Hot Topics in Operating Systems (Cat. No.97TB100133)","volume":"431 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1997-05-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"18","resultStr":"{\"title\":\"Security for extensible systems\",\"authors\":\"R. Grimm, B. Bershad\",\"doi\":\"10.1109/HOTOS.1997.595184\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The recent trend towards dynamically extensible systems, such as Java, SPIN or VINO, promises more powerful and flexible systems. At the same time, the impact of extensibility on overall system security and, specifically, on access control is still ill understood, and protection mechanisms in these extensible systems are rudimentary at best. We identify the structure of extensible systems as it relates to system security and postulate an initial model for access control. This model extends the discretionary access control of traditional operating systems to encompass extensions and, by using ideas explored by the security community, introduces a notion of mandatory access control. While a new access control model does not address all aspects of system security, we believe that it can serve as a solid foundation for developing a fully featured and flexible security model for extensible systems.\",\"PeriodicalId\":176246,\"journal\":{\"name\":\"Proceedings. The Sixth Workshop on Hot Topics in Operating Systems (Cat. No.97TB100133)\",\"volume\":\"431 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"1997-05-05\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"18\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings. The Sixth Workshop on Hot Topics in Operating Systems (Cat. No.97TB100133)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/HOTOS.1997.595184\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings. The Sixth Workshop on Hot Topics in Operating Systems (Cat. No.97TB100133)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/HOTOS.1997.595184","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
The recent trend towards dynamically extensible systems, such as Java, SPIN or VINO, promises more powerful and flexible systems. At the same time, the impact of extensibility on overall system security and, specifically, on access control is still ill understood, and protection mechanisms in these extensible systems are rudimentary at best. We identify the structure of extensible systems as it relates to system security and postulate an initial model for access control. This model extends the discretionary access control of traditional operating systems to encompass extensions and, by using ideas explored by the security community, introduces a notion of mandatory access control. While a new access control model does not address all aspects of system security, we believe that it can serve as a solid foundation for developing a fully featured and flexible security model for extensible systems.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
