Domain and Type Enforcement in a -Kernel

نویسندگان

  • Jonathon Tidswell
  • John Potter
چکیده

This paper addresses the challenge of securely implementing access control mechanisms within operating systems built on minimalistic-kernels. We demonstrate a natural correspondence between the partitioning of access controls provided in the domain and type enforcement security model, and the separation of kernel and user-level services provided in modern-kernel architectures. By adopting a simple table driven approach within the kernel, the approach promises ease of management, exibility and high assurance.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Linux Security Modules: General Security Support for the Linux Kernel

The access control mechanisms of existing mainstream operating systems are inadequate to provide strong system security. Enhanced access control mechanisms have failed to win acceptance into mainstream operating systems due in part to a lack of consensus within the security community on the right solution. Since generalpurpose operating systems must satisfy a wide range of user requirements, an...

متن کامل

USENIX Association Proceedings of the 11 th USENIX Security

The access control mechanisms of existing mainstream operating systems are inadequate to provide strong system security. Enhanced access control mechanisms have failed to win acceptance into mainstream operating systems due in part to a lack of consensus within the security community on the right solution. Since generalpurpose operating systems must satisfy a wide range of user requirements, an...

متن کامل

Fuzzy type theory with partial functions

This paper is a study of fuzzy type theory (FTT) with partial functions. Out of several possibilities we decided tointroduce a special value ”∗” that represents ”undefined”. In the interpretation of FTT, this value lays outside of thecorresponding domain. In the syntax it can be naturally represented by the description operator acting on the empty(fuzzy) set, because choosing an element from it...

متن کامل

An extended multidimensional Hardy-Hilbert-type inequality with a general homogeneous kernel

In this paper, by the use of the weight coefficients, the transfer formula and the technique of real analysis, an extended multidimensional Hardy-Hilbert-type inequality with a general homogeneous kernel and a best possible constant factor is given. Moreover, the equivalent forms, the operator expressions and a few examples are considered.

متن کامل

A Berry-Esseen Type Bound for the Kernel Density Estimator of Length-Biased Data

Length-biased data are widely seen in applications. They are mostly applicable in epidemiological studies or survival analysis in medical researches. Here we aim to propose a Berry-Esseen type bound for the kernel density estimator of this kind of data.The rate of normal convergence in the proposed Berry-Esseen type theorem is shown to be O(n^(-1/6) ) modulo logarithmic term as n tends to infin...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 1997