发布求助
文献互助 智能选刊 最新文献

Proceedings. 1989 IEEE Symposium on Security and Privacy最新文献

筛选
英文 中文
The incorporation of multi-level IPC into Unix 将多级IPC集成到Unix中
Proceedings. 1989 IEEE Symposium on Security and Privacy Pub Date : 1989-05-01 DOI: 10.1109/SECPRI.1989.36281
Thomas J. Parenty
{"title":"The incorporation of multi-level IPC into Unix","authors":"Thomas J. Parenty","doi":"10.1109/SECPRI.1989.36281","DOIUrl":"https://doi.org/10.1109/SECPRI.1989.36281","url":null,"abstract":"The author discusses the design, interface, and implementation issues that need to be addressed for Unix to support multilevel synchronized file access, pipes (FIFOs), messages, and semaphores. It is shown that, by changing some of Unix's underlying mechanisms and by making additions to system calls and the run-time library, it is possible architecturally to support more flexible sharing and communication. This increased sharing simplifies the building of multilevel applications, both trusted and untrusted, to run on top of Unix.<<ETX>>","PeriodicalId":126792,"journal":{"name":"Proceedings. 1989 IEEE Symposium on Security and Privacy","volume":"58 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1989-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128260789","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
A secure identity-based capability system 一个安全的基于身份的能力系统
Proceedings. 1989 IEEE Symposium on Security and Privacy Pub Date : 1989-05-01 DOI: 10.1109/SECPRI.1989.36277
L. Gong
{"title":"A secure identity-based capability system","authors":"L. Gong","doi":"10.1109/SECPRI.1989.36277","DOIUrl":"https://doi.org/10.1109/SECPRI.1989.36277","url":null,"abstract":"The author presents the design of an identity-based capability protection system called ICAP, which is aimed at a distributed system in a network environment. The semantics of traditional capabilities are modified to incorporate subject identities. This enables the monitoring, mediating, and recording of capability propagations to enforce security policies. It also supports administrative activities such as traceability. The author has developed an exception-list approach to achieve rapid revocation and the idea of capability propagation trees for complete revocation. Compared with existing capability system designs, ICAP requires much less storage and has the potential of lower cost and better real-time performance. The author proposes to expand R.Y. Kain and C.E. Landwehr's (1987) design taxonomy of capability-based systems to cover a wider range of designs.<<ETX>>","PeriodicalId":126792,"journal":{"name":"Proceedings. 1989 IEEE Symposium on Security and Privacy","volume":"6 11","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1989-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"113946437","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 188
New methods for immediate revocation 立即撤销的新方法
Proceedings. 1989 IEEE Symposium on Security and Privacy Pub Date : 1989-05-01 DOI: 10.1109/SECPRI.1989.36276
Paul A. Karger
{"title":"New methods for immediate revocation","authors":"Paul A. Karger","doi":"10.1109/SECPRI.1989.36276","DOIUrl":"https://doi.org/10.1109/SECPRI.1989.36276","url":null,"abstract":"The author introduces two techniques for immediate revocation of access rights: revocation with event counts and revocation by chaining. The two algorithms are appropriate for shared and unshared page tables, respectively, and can be used for both access control list and capability-based systems. The proposed techniques are much simpler to implement and more efficient in operation than previous revocation techniques and are therefore more appropriate for implementation in a security kernel, where simplicity of design is crucial. Furthermore, both techniques are particularly appropriate for RISC (reduced-instruction-set computer) implementations where translation buffer misses are handled in software. However, the techniques are very dependent on the particular style of memory management available on the underlying hardware. It is concluded that, with these techniques, user requirements for immediate revocation can be easily met in any operating system on security kernel design.<<ETX>>","PeriodicalId":126792,"journal":{"name":"Proceedings. 1989 IEEE Symposium on Security and Privacy","volume":"25 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1989-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121711027","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 16
首页 上一页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信