ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Support for the file system security requirements of computational E-mail systems
Full text PdfPdf (866 KB)
Source Conference on Computer and Communications Security archive
Proceedings of the 2nd ACM Conference on Computer and communications security table of contents
Fairfax, Virginia, United States
Pages: 1 - 9  
Year of Publication: 1994
ISBN:0-89791-732-4
Authors
Trent Jaeger  Software Systems Research Laboratory, Department of Electrical Engineering and Computer Science, University of Michigan, Ann Arbor, MI
Atul Prakash  Software Systems Research Laboratory, Department of Electrical Engineering and Computer Science, University of Michigan, Ann Arbor, MI
Sponsor
SIGSAC: ACM Special Interest Group on Security, Audit, and Control
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 3,   Downloads (12 Months): 33,   Citation Count: 7
Additional Information:

abstract   references   cited by   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/191177.191179
What is a DOI?

ABSTRACT

Computational e-mail systems, which allow mail messages to contain command scripts that automatically execute upon receipt, can be used as a basis for building a variety of collaborative applications. However, their use also presents a serious security problem because a command script from a sender may access/modify receiver's private files or execute applications on receiver's behalf. Existing solutions to the problem either severely restrict I/O capability of scripts, limiting the range of applications that can be supported over computational e-mail, or permit all I/O to scripts, potentially compromising the security of the receiver's files. Our model, called the intersection model of security, permits I/O for e-mail from trusted senders but without compromising the security of private files. We describe two implementations of our security model: an interpreter-level implementation and an operating systems-level implementation. We discuss the tradeoffs between the two implementations and suggest directions for future work.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

1
Nathanial S. Borenstein, Computational mail as network infrastructure for computer-supported cooperative work, Proceedings of the 1992 ACM conference on Computer-supported cooperative work, p.67-74, November 01-04, 1992, Toronto, Ontario, Canada  [doi>10.1145/143457.143463]
 
2
Nathaniel S. Borenstein, EMail With A Mind of Its Own: The Safe-Tcl Language for Enabled Mail, Proceedings of the IFIP TC6/WG6.5 International Conference on Upper Layer Protocols, Architectures and Applications, p.389-402, June 01-03, 1994
 
3
N. S. Borenstein and N. Freed. MIME (Multipurpose Internet Mail Extensions): Mechanisms for specifying and describing the format of internet message bodies. RFC 1521.
4
Yaron Goldberg , Marilyn Safran , Ehud Shapiro, Active mail—a framework for implementing groupware, Proceedings of the 1992 ACM conference on Computer-supported cooperative work, p.75-83, November 01-04, 1992, Toronto, Ontario, Canada  [doi>10.1145/143457.143464]
5
Michael J. Knister , Atul Prakash, DistEdit: a distributed toolkit for supporting multiple group editors, Proceedings of the 1990 ACM conference on Computer-supported cooperative work, p.343-355, October 07-10, 1990, Los Angeles, California, United States  [doi>10.1145/99332.99366]
 
6
M. Knister and A. Prakash. Issues in the design of a toolkit for supporting multiple group editors. Computing Systems, 6(2):135-166, 1993.
 
7
John K. Ousterhout, Tcl and the Tk toolkit, Addison-Wesley Longman Publishing Co., Inc., Boston, MA, 1994
8
Atul Prakash , Hyong Sop Shim, DistView: support for building efficient collaborative applications using replicated objects, Proceedings of the 1994 ACM conference on Computer supported cooperative work, p.153-164, October 22-26, 1994, Chapel Hill, North Carolina, United States  [doi>10.1145/192844.192895]
9
M. Satyanarayanan, Integrating security in a large distributed system, ACM Transactions on Computer Systems (TOCS), v.7 n.3, p.247-280, Aug. 1989  [doi>10.1145/65000.65002]
 
10
Mahadev Satyanarayanan, Scalable, Secure, and Highly Available Distributed File Access, Computer, v.23 n.5, p.9-18, 20-21, May 1990  [doi>10.1109/2.53351]
 
11
J. G. Steiner, C. Neumann, and J. J. Schiller. Kerberos: An authentication service for open network systems. In Proceedings of the Usenix Conference, pages 191-202, 1988.
 
12
J. Sweet. A multi-media e-mail tutorial with MH.
 
13
J. E. White. Telescript technology: The foundation for the electronic marketplace. GenerM Magic White Paper.

CITED BY  7
Trent Jaeger , Atul Prakash, Requirements of role-based access control for collaborative systems, Proceedings of the first ACM Workshop on Role-based access control, p.16-es, November 30-December 02, 1995, Gaithersburg, Maryland, United States
Christian Friberg , Achim Held, Support for discretionary role based access control in ACL-oriented operating systems, Proceedings of the second ACM workshop on Role-based access control, p.83-94, November 06-07, 1997, Fairfax, Virginia, United States
Trent Jaeger , Atul Prakash , Jochen Liedtke , Nayeem Islam, Flexible control of downloaded executable content, ACM Transactions on Information and System Security (TISSEC), v.2 n.2, p.177-228, May 1999
Trent Jaeger , Frederique Giraud , Nayeem Islam , Jochen Liedtke, A role-based access control model for protection domain derivation and management, Proceedings of the second ACM workshop on Role-based access control, p.95-106, November 06-07, 1997, Fairfax, Virginia, United States
Trent Jaeger , Aviel D. Rubin , Atul Prakash, Building systems that flexibly control downloaded executable context, Proceedings of the 6th conference on USENIX Security Symposium, Focusing on Applications of Cryptography, p.14-14, July 22-25, 1996, San Jose, California
Trent Jaeger , Jochen Liedtke , Nayeem Islam, Operating system protection for fine-grained programs, Proceedings of the 7th conference on USENIX Security Symposium, 1998, p.11-11, January 26-29, 1998, San Antonio, Texas
Aameek Singh , Ling Liu , Mustaque Ahamad, Privacy analysis and enhancements for data sharing in *nix systems, International Journal of Information and Computer Security, v.2 n.4, p.376-410, January 2009

INDEX TERMS

Primary Classification:
  D. Software
  D.4 OPERATING SYSTEMS

Additional Classification:
  D. Software
  D.4 OPERATING SYSTEMS

  H. Information Systems
  H.4 INFORMATION SYSTEMS APPLICATIONS
      H.4.3 Communications Applications
          Subjects: Electronic mail


General Terms:
Security, Theory


Keywords:
active email, collaboration technology, computational email, computer-supported cooperative work, file systems, groupware, security

Collaborative Colleagues:
Trent Jaeger: colleagues
Atul Prakash: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player