Protection mechanisms and the enforcement of security policies

  • Anita K. Jones
Chapter 3.: Issues And Results In The Design Of Operating Systems
Part of the Lecture Notes in Computer Science book series (LNCS, volume 60)


Access Control Virtual Machine Security Policy Domain Switching Access Control Policy 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

7. References

  1. Buzen, J. and U. Gagliardi, The Evolution of Virtual Machine Architecture. AFIPS Conference Proceedings, 42, NCC 1973, 291–300.Google Scholar
  2. Cohen, E. and D. Jefferson, Protection in the Hydra Operating Systems, Proceedings Fifth ACM Symposium on Operating System Principles; ACM Operating Systems Review 9, 5 (November 1975) 141–160.Google Scholar
  3. Denning, D. and P. Denning, Certification of Programs for Secure Information Flow. CACM, 20, 7 (July 1977) 504–512.Google Scholar
  4. Dennis, J. and E. Van Horn, Programming Semantics for Multiprogrammed Computations. CACM 9, 3 (March 1966) 143–155.Google Scholar
  5. Dobkin, D., A. K. Jones, R. Lipton, Secure Data Bases: Protection Against User Inference. Transactions on Data Bases, to be published.Google Scholar
  6. England, D. M., Architectural Features of System 250. Proceedings International Switching Symposium, 1972.Google Scholar
  7. Fabry, R. S., Capability Based Addressing. CACM, 17, 7 (July 1974) 403–412.Google Scholar
  8. Ferrie, J., D. Kaiser, D. Lanciaux, and B. Martin, An Extensible Structure for Protected System Design. Proceedings IRIA International Workshop on Protection in Operating Systems, France, 1974.Google Scholar
  9. Feustel, E. A., On the Advantages of Tagged Architecture IEEE Transactions on Computers, C2, 7, 1973, 644–656.Google Scholar
  10. Gold, B., R. Linde, M. Schaefer, and J. Scheid, Final Report: Periods Processing versus KVM/370. System Development Corporation Technical Report, May 1977.Google Scholar
  11. Graham, G. S. and P. J. Denning, Protection—Principles and Practice. AFIPS Conference Proceedings, 40, SJCC 1972, 417–429.Google Scholar
  12. Habermann, A. N., Introduction to Operating System Design. SRA, 1976.Google Scholar
  13. Hoffman, L. J., Modern Methods for Computer Security and Privacy. Prentice Hall, 1977.Google Scholar
  14. Jones, A. K. and W. A. Wulf, Towards the Design of Secure Systems. Software—Practice and Experience, 5 (October–December 1975) 321–336.Google Scholar
  15. Jones, A. K. and R. J. Lipton, The Enforcement of Security Policies for Computation. Carnegie-Mellon University Department of Computer Science Technical Report, May 75.Google Scholar
  16. Jones, A. K. and B. H. Liskov, A Language Extension for Controlling Access to Shared Data. IEEE IEEE Transactions on Software Engineering, SE-2, 4 (December 1976) 277–284.Google Scholar
  17. Jones, A. K., R. J. Chansler, Jr., I. Durham, P. Feiler, and K. Schwans, Software Management of Cm—A Multiple Microprocessor. AFIPS Conference Proceedings, NCC 1977.Google Scholar
  18. Moore, C. G., Potential Capabilities in ALGOL-like Programs. Cornell Department of Computer Science Technical Report (September 1974).Google Scholar
  19. Lampson, B. W., Protection. Proceedings Fifth Annual Princeton Conference on Information Sciences and Systems (1971) 437–443. Reprinted in ACM Operating Systems Review (January 1974).Google Scholar
  20. Lampson, B. W., A Note on the Confinement Problem. CACM, 16, 10 (October 1973) 613–615.Google Scholar
  21. Lampson, B. W. and H. Sturgis, Reflections on an Operating System Design. CACM 19, 5 (May 1976), 251–266.Google Scholar
  22. Linden, T. A., Operating System Structures to Support Security and Reliable Software. ACM Computing Surveys, 8, 4 (December 1976) 409–445.Google Scholar
  23. Liskov, B. and S. Zilles, Specification Techniques for Data Abstractions. Proceedings of the International Conference on Reliable Software, SIGPLAN Notices 12, 3 (1975).Google Scholar
  24. Morris, J. H., Jr., Protection in Programming Languages. CACM, 16, 1 (January 1973) 15–21.Google Scholar
  25. Needham, R. M. and R. D. H. Walker, Protection and Process Management in the CAP Computer, Proceedings IRIA International Workshop on Protection in Operating Systems, France (1974) 155–160.Google Scholar
  26. Popek, G., Protection Structures. Computer (June 1974) 22–33.Google Scholar
  27. Popek, G. and C. Kline, Verifiable Secure Operating Software. AFIPS Conference Proceedings 43, NCC (1974).Google Scholar
  28. Popek, G. and D. Farber, A Model for Verification of Security in Operating Systems. CACM, to be published.Google Scholar
  29. Radin, G. and P. Schneider, An Architecture for an Extended Machine with Protected Addressing. IBM Research TR 00.2757, May 1976.Google Scholar
  30. Redell, D. R. and R. S. Fabry, Selective Revocation of Capabilities. IRIA International Workshop on Protection in Operating Systems, France (1974) 197–210.Google Scholar
  31. Saltzer, J. H. and M. Schroeder, The Protection of Information in Computer Systems, Proceedings of the IEEE, 63, 9 (September 1975) 1278–1308.Google Scholar
  32. Saltzer, J. H., Private Communication.Google Scholar
  33. Schroeder, M., Cooperation of Mutually Suspicious Subsystems in a Computer Utility, Doctoral Thesis, MIT Technical Report, 1972.Google Scholar
  34. Schroeder, M, D. Clark, and J. Saltzer, The Multics Kernel Design. Sixth Symposium on Operating System Principles (November 1977).Google Scholar
  35. Wulf, W. A., et al, Hydra: The Kernel of a Multiprocessor Operating System. CACM [17], 6 (June 1974) 337–345.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1978

Authors and Affiliations

  • Anita K. Jones
    • 1
  1. 1.Department of Computer ScienceCarnegie-Mellon UniversityPittsburghUSA

Personalised recommendations