ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Protection in operating systems
Full text PdfPdf (1.08 MB)
Source
Communications of the ACM archive
Volume 19 ,  Issue 8  (August 1976) table of contents
Pages: 461 - 471  
Year of Publication: 1976
ISSN:0001-0782
Authors
Michael A. Harrison  Univ. of California, Berkeley
Walter L. Ruzzo  Univ. of California, Berkeley
Jeffrey D. Ullman  Princeton, Univ., Princeton, NJ
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 46,   Downloads (12 Months): 345,   Citation Count: 122
Additional Information:

abstract   references   cited by   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/360303.360333
What is a DOI?

ABSTRACT

A model of protection mechanisms in computing systems is presented and its appropriateness is argued. The “safety” problem for protection systems under this model is to determine in a given situation whether a subject can acquire a particular right to an object. In restricted cases, it can be shown that this problem is decidable, i.e. there is an algorithm to determine whether a system in a particular configuration is safe. In general, and under surprisingly weak assumptions, it cannot be decided if a situation is safe. Various implications of this fact are discussed.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
Alfred V. Aho , John E. Hopcroft, The Design and Analysis of Computer Algorithms, Addison-Wesley Longman Publishing Co., Inc., Boston, MA, 1974
 
2
Gregory Richard Andrews, Cops--a protection mechanism for computer systems., 1974
 
3
Bell, D.E., and LaPadula, L.J. Secure Computer Systems, Vol. I: Mathematical Foundations and Vol. II: A Mathematical Model. MITRE Corp. Tech. Rep. MTR-2547, 1973.
4
Jack B. Dennis , Earl C. Van Horn, Programming semantics for multiprogrammed computations, Communications of the ACM, v.9 n.3, p.143-155, March 1966  [doi>10.1145/365230.365252]
5
Robert M. Graham, Protection in an information processing utility, Communications of the ACM, v.11 n.5, p.365-369, May 1968  [doi>10.1145/363095.363146]
 
6
Graham, G.S., and Denning, P.J. Protection--principles and practice. AFIPS Conf. Proc., 1972 SJCC, Vol. 40, AFIPS Press, Montvale, N.J., 1972, pp. 417-429.
 
7
John E. Hopcroft , Jeffrey D. Ullman, Formal languages and their relation to automata, Addison-Wesley Longman Publishing Co., Inc., Boston, MA, 1969
 
8
Anita Katherine Jones, Protection in programmed systems., 1973
 
9
Jones, A.K., and Wulf, W. Towards the design of secure systems. In Protection in Operating Systems, Colloques IRIA, Rocquencourt, France, 1974, pp. 121-136.
10
Butler W. Lampson, Protection, ACM SIGOPS Operating Systems Review, v.8 n.1, p.18-24, January 1974  [doi>10.1145/775265.775268]
11
Butler W. Lampson, A note on the confinement problem, Communications of the ACM, v.16 n.10, p.613-615, Oct. 1973  [doi>10.1145/362375.362389]
 
12
Needham, R.M. Protection systems and protection implementations. AFIPS Conf. Proc., 1972 FJCC, Vol. 41, AFIPS Press, Montvale, N.J., 1972, pp. 571-578.
13
Gerald J. Popek, Correctness in access control, Proceedings of the annual conference, p.236-241, August 27-29, 1973, Atlanta, Georgia, United States  [doi>10.1145/800192.805711]
14
Dennis M. Ritchie , Ken Thompson, The UNIX time-sharing system, Communications of the ACM, v.17 n.7, p.365-375, July 1974  [doi>10.1145/361011.361061]
15
Jerome H. Saltzer, Protection and the control of information sharing in multics, Communications of the ACM, v.17 n.7, p.388-402, July 1974  [doi>10.1145/361011.361067]

CITED BY  122
Roshan Thomas, Role-based access control and distributed object-based enterprise computing, Proceedings of the first ACM Workshop on Role-based access control, p.21-es, November 30-December 02, 1995, Gaithersburg, Maryland, United States
Glenn S. Benson , Ian F. Akyildiz , William F. Appelbe, A formal protection model of security in centralized, parallel, and distributed systems, ACM Transactions on Computer Systems (TOCS), v.8 n.3, p.183-213, Aug. 1990
Ladislav J. Kohout, Analysis of computing protection structures by means of multi-valued logic systems, Proceedings of the eighth international symposium on Multiple-valued logic, p.260-268, January 1978, Rosemont, Illinois, United States
Rajeev Motwani , Rina Panigrahy , Vijay Saraswat , Suresh Ventkatasubramanian, On the decidability of accessibility problems (extended abstract), Proceedings of the thirty-second annual ACM symposium on Theory of computing, p.306-315, May 21-23, 2000, Portland, Oregon, United States
Trent Jaeger , Jonathon E. Tidswell, Practical safety in flexible access control models, ACM Transactions on Information and System Security (TISSEC), v.4 n.2, p.158-190, May 2001
Jonathon E. Tidswell , John M. Potter, A graphical definition of authorization schema in the DTAC model, Proceedings of the sixth ACM symposium on Access control models and technologies, p.109-120, May 2001, Chantilly, Virginia, United States
Dorothy E. Denning , Peter J. Denning, Data Security, ACM Computing Surveys (CSUR), v.11 n.3, p.227-249, Sept. 1979
Trent Jaeger, On the increasing importance of constraints, Proceedings of the fourth ACM workshop on Role-based access control, p.33-42, October 28-29, 1999, Fairfax, Virginia, United States
Matt Bishop , Lawrence Snyder, The transfer of information and authority in a protection system, Proceedings of the seventh ACM symposium on Operating systems principles, p.45-54, December 10-12, 1979, Pacific Grove, California, United States
Premkumar T. Devanbu , Stuart Stubblebine, Software engineering for security: a roadmap, Proceedings of the Conference on The Future of Software Engineering, p.227-239, June 04-11, 2000, Limerick, Ireland
Lawrence Snyder, On the synthesis and analysis of protection systems, ACM SIGOPS Operating Systems Review, v.11 n.5, p.141-150, November 1977
Trent Jaeger , Antony Edwards , Xiaolan Zhang, Managing access control policies using access control spaces, Proceedings of the seventh ACM symposium on Access control models and technologies, June 03-04, 2002, Monterey, California, USA
Ralf C. Hauser, Does licensing require new access control techniques?, Communications of the ACM, v.37 n.11, p.48-55, Nov. 1994
G. Saunders , M. Hitchens , V. Varadharajan, Role-based access control and the access control matrix, ACM SIGOPS Operating Systems Review, v.35 n.4, p.6-20, October 2001
Jonathon E. Tidswell , Geoffrey H. Outhred , John M. Potter, Dynamic rights: safe extensible access control, Proceedings of the fourth ACM workshop on Role-based access control, p.113-120, October 28-29, 1999, Fairfax, Virginia, United States
R. K. Thomas , R. S. Sandhu, Towards a task-based paradigm for flexible and adaptable access control in distributed applications, Proceedings on the 1992-1993 workshop on New security paradigms, p.138-142, August 1993, Little Compton, Rhode Island, United States
Matunda Nyanchama , Sylvia Osborn, The role graph model and conflict of interest, ACM Transactions on Information and System Security (TISSEC), v.2 n.1, p.3-33, Feb. 1999
Ravi Sandhu , Venkata Bhamidipati , Qamar Munawer, The ARBAC97 model for role-based administration of roles, ACM Transactions on Information and System Security (TISSEC), v.2 n.1, p.105-135, Feb. 1999
Gregory R. Andrews , James R. McGraw, Language features for process interaction, ACM SIGOPS Operating Systems Review, v.11 n.2, p.114-127, April 1977
Dale H. Grit , Dennis D. Georg, A top-down, laboratory based operating system course, ACM SIGCSE Bulletin, v.9 n.1, p.73-76, Feb 1977
Geoffrey Smith , Dennis Volpano, Secure information flow in a multi-threaded imperative language, Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, p.355-364, January 19-21, 1998, San Diego, California, United States
Carl E. Landwehr, Formal Models for Computer Security, ACM Computing Surveys (CSUR), v.13 n.3, p.247-278, Sept. 1981
Naftaly H. Minsky, Selective and locally controlled transport of privileges, ACM Transactions on Programming Languages and Systems (TOPLAS), v.6 n.4, p.573-602, Oct. 1984
James B. D. Joshi , Walid G. Aref , Arif Ghafoor , Eugene H. Spafford, Security models for web-based applications, Communications of the ACM, v.44 n.2, p.38-44, Feb. 2001
Steven J. Greenwald, Discussion topic: what is the old security paradigm?, Proceedings of the 1998 workshop on New security paradigms, p.107-118, September 22-26, 1998, Charlottesville, Virginia, United States
Ravinderpal Singh Sandhu, The schematic protection model: its definition and analysis for acyclic attenuating schemes, Journal of the ACM (JACM), v.35 n.2, p.404-432, April 1988
Gerald Brose, Manageable access control for CORBA, Journal of Computer Security, v.10 n.4, p.301-337, December 2002
Mark Evered, Bracket capabilities for distributed systems security, Australian Computer Science Communications, v.24 n.1, p.51-58, January-February 2002
Ravi Sandhu , Qamar Munawer, How to do discretionary access control using roles, Proceedings of the third ACM workshop on Role-based access control, p.47-54, October 22-23, 1998, Fairfax, Virginia, United States
Paul A. Karger, The Lattice Security Model In A Public Computing Network, Proceedings of the 1978 annual conference, p.453-459, December 04-06, 1978, Washington, D.C., United States
Ralf C. Hauser, Does licensing require new access control techniques?, Proceedings of the 1st ACM conference on Computer and communications security, p.1-8, November 03-05, 1993, Fairfax, Virginia, United States
Roshan K. Thomas, Team-based access control (TMAC): a primitive for applying role-based access controls in collaborative environments, Proceedings of the second ACM workshop on Role-based access control, p.13-19, November 06-07, 1997, Fairfax, Virginia, United States
Jonathon E. Tidswell , Trent Jaeger, Integrated constraints and inheritance in DTAC, Proceedings of the fifth ACM workshop on Role-based access control, p.93-102, July 26-28, 2000, Berlin, Germany
Jonathon E. Tidswell , Trent Jaeger, An access control model for simplifying constraint expression, Proceedings of the 7th ACM conference on Computer and communications security, p.154-163, November 01-04, 2000, Athens, Greece
Ronald Fagin, On an authorization mechanism, ACM Transactions on Database Systems (TODS), v.3 n.3, p.310-319, Sept. 1978
Jyh-haw Yeh , Randy Chow , Richard Newman, Key assignment for enforcing access control policy exceptions in distributed systems, Information Sciences: an International Journal, v.152 n.1, p.63-88, June 2003
Tanvir Ahmed , Anand R. Tripathi, Static verification of security requirements in role based CSCW systems, Proceedings of the eighth ACM symposium on Access control models and technologies, June 02-03, 2003, Como, Italy
K. K. Leong , K. M. Yu , W. B. Lee, A security model for distributed product data management system, Computers in Industry, v.50 n.2, p.179-193, February 2003
Kevin W. Hamlen , Greg Morrisett , Fred B. Schneider, Computability classes for enforcement mechanisms, ACM Transactions on Programming Languages and Systems (TOPLAS), v.28 n.1, p.175-205, January 2006
Mark Evered, Flexible enterprise access control with object-oriented view specification, Proceedings of the Australasian information security workshop conference on ACSW frontiers 2003, p.17-24, February 01, 2003, Adelaide, Australia
R. Stockton Gaines , Norman Z. Shapiro, Some security principles and their application to computer security, ACM SIGOPS Operating Systems Review, v.12 n.3, p.19-28, July 1978
Stefano Bistarelli , Simon N. Foley , Barry O'Sullivan, Modeling and detecting the cascade vulnerability problem using soft constraints, Proceedings of the 2004 ACM symposium on Applied computing, March 14-17, 2004, Nicosia, Cyprus
Mark Evered, Opsis: a distributed object architecture based on bracket capabilities, Proceedings of the Fortieth International Conference on Tools Pacific: Objects for internet, mobile and embedded applications, February 01, 2002, Sydney, Australia
Trent Jaeger , Xiaolan Zhang , Fidel Cacheda, Policy management using access control spaces, ACM Transactions on Information and System Security (TISSEC), v.6 n.3, p.327-364, August 2003
Joerg Abendroth , Christian D. Jensen, A unified security framework for networked applications, Proceedings of the 2003 ACM symposium on Applied computing, March 09-12, 2003, Melbourne, Florida
Rob Kling, Value conflicts and social choice in electronic funds transfer system developments, ACM SIGCAS Computers and Society, v.11 n.3, Summer 1981
Matt Bishop, Education in Information Security, IEEE Concurrency, v.8 n.4, p.4-8, October 2000
Yvo Desmedt, Computer security by redefining what a computer is, Proceedings on the 1992-1993 workshop on New security paradigms, p.160-166, August 1993, Little Compton, Rhode Island, United States
Rob Kling, Value conflicts and social choice in electronic funds transfer system developments, Communications of the ACM, v.21 n.8, p.642-657, Aug. 1978
Trent Jaeger , Jonathon E. Tidswell, Rebuttal to the NIST RBAC model proposal, Proceedings of the fifth ACM workshop on Role-based access control, p.65-66, July 26-28, 2000, Berlin, Germany
Eve Cohen , Roshan K. Thomas , William Winsborough , Deborah Shands, Models for coalition-based access control (CBAC), Proceedings of the seventh ACM symposium on Access control models and technologies, June 03-04, 2002, Monterey, California, USA
Josep Domingo-Ferrer, Achieving Rights Untransferability with Client-Independent Servers, Designs, Codes and Cryptography, v.8 n.3, p.263-271, June 1996
Shariq Rizvi , Alberto Mendelzon , S. Sudarshan , Prasan Roy, Extending query rewriting techniques for fine-grained access control, Proceedings of the 2004 ACM SIGMOD international conference on Management of data, June 13-18, 2004, Paris, France
M. Benantar , R. Guski , K. M. Troidle, Access control systems: from host-centric to network-centric computing, IBM Systems Journal, v.35 n.1, p.94-112, January 1996
W. E. Boebert , R. Y. Kain, The extended access matrix model of computer security, ACM SIGSOFT Software Engineering Notes, v.10 n.4, August 1985
Jaehong Park , Ravi Sandhu, The UCONABC usage control model, ACM Transactions on Information and System Security (TISSEC), v.7 n.1, p.128-174, February 2004
Prasad Naldurg , Roy H. Campbell, Modeling insecurity: policy engineering for survivability, Proceedings of the 2003 ACM workshop on Survivable and self-regenerative systems: in association with 10th ACM Conference on Computer and Communications Security, p.91-98, October 31-31, 2003, Fairfax, VA
Mahesh V. Tripunitara , Ninghui Li, Comparing the expressive power of access control models, Proceedings of the 11th ACM conference on Computer and communications security, October 25-29, 2004, Washington DC, USA
François Siewe , Antonio Cau , Hussein Zedan, A compositional framework for access control policies enforcement, Proceedings of the 2003 ACM workshop on Formal methods in security engineering, p.32-42, October 30, 2003, Washington, D.C.
Paul A. Karger , Mary Ellen Zurko , Douglas W. Bonin , Andrew H. Mason , Clifford E. Kahn, A Retrospective on the VAX VMM Security Kernel, IEEE Transactions on Software Engineering, v.17 n.11, p.1147-1165, November 1991
Ninghui Li , Mahesh V. Tripunitara, Security analysis in role-based access control, Proceedings of the ninth ACM symposium on Access control models and technologies, June 02-04, 2004, Yorktown Heights, New York, USA
Donald Mackenzie , Garrel Pottinger, Mathematics, Technology, and Trust: Formal Verification, Computer Security, and the U.S. Military, IEEE Annals of the History of Computing, v.19 n.3, p.41-59, July 1997
Vinod Ganapathy , Sanjit A. Seshia , Somesh Jha , Thomas W. Reps , Randal E. Bryant, Automatic discovery of API-level exploits, Proceedings of the 27th international conference on Software engineering, May 15-21, 2005, St. Louis, MO, USA
Shih-Chien Chou , An-Feng Liu , Chien-Jung Wu, Preventing information leakage within workflows that execute among competing organizations, Journal of Systems and Software, v.75 n.1-2, p.109-123, 15 February 2005
Jason F. Reid , William J. Caelli, DRM, trusted computing and operating system architecture, Proceedings of the 2005 Australasian workshop on Grid computing and e-research, p.127-136, January 01, 2005, Newcastle, New South Wales, Australia
C. Mohan, Survey of recent operating systems research, designs and implementations, ACM SIGOPS Operating Systems Review, v.12 n.1, p.53-89, January 1978
Jason Crampton, Understanding and developing role-based administrative models, Proceedings of the 12th ACM conference on Computer and communications security, November 07-11, 2005, Alexandria, VA, USA
Ninghui Li , John C. Mitchell , William H. Winsborough, Beyond proof-of-compliance: security analysis in trust management, Journal of the ACM (JACM), v.52 n.3, p.474-514, May 2005
Xinwen Zhang , Yingjiu Li , Divya Nalla, An attribute-based access matrix model, Proceedings of the 2005 ACM symposium on Applied computing, March 13-17, 2005, Santa Fe, New Mexico
Shih-Chien Chou , Chin-Yi Chang, An information flow control model for C applications based on access control lists, Journal of Systems and Software, v.78 n.1, p.84-100, October 2005
Jason Crampton, Applying hierarchical and role-based access control to XML documents, Proceedings of the 2004 workshop on Secure web service, p.37-46, October 29-29, 2004, Fairfax, Virginia
Shih-Chien Chou , Wei-Chuan Hsu , Wei-Kuang Lo, DPE/PAC: decentralized process engine with product access control, Journal of Systems and Software, v.76 n.3, p.207-219, June 2005
Jason Crampton , George Loizou, Administrative scope: A foundation for role-based administrative models, ACM Transactions on Information and System Security (TISSEC), v.6 n.2, p.201-231, May 2003
Shih-Chien Chou , Yuan-Chien Chen, Managing role relationships in an information flow control model, Journal of Systems and Software, v.79 n.4, p.507-522, April 2006
Li Gong , Xiaolei Qian, Computational Issues in Secure Interoperation, IEEE Transactions on Software Engineering, v.22 n.1, p.43-52, January 1996
Salem Aljareh , Nick Rossiter, A task-based security model to facilitate collaboration in trusted multi-agency networks, Proceedings of the 2002 ACM symposium on Applied computing, March 11-14, 2002, Madrid, Spain
Teresa F. Lunt , Eduardo B. Fernandez, Database security, ACM SIGMOD Record, v.19 n.4, p.90-97, Dec. 1990
Jason Crampton , George Loizou, Authorisation and antichains, ACM SIGOPS Operating Systems Review, v.35 n.3, p.6-15, July 1 2001
Ninghui Li , Mahesh V. Tripunitara , Qihua Wang, Resiliency policies in access control, Proceedings of the 13th ACM conference on Computer and communications security, October 30-November 03, 2006, Alexandria, Virginia, USA
Mikko T. Siponen , Harri Oinas-Kukkonen, A review of information security issues and respective research contributions, ACM SIGMIS Database, v.38 n.1, February 2007
Prasad Naldurg , Stefan Schwoon , Sriram Rajamani , John Lambert, NETRA:: seeing through access control, Proceedings of the fourth ACM workshop on Formal methods in security, p.55-66, November 03-03, 2006, Alexandria, Virginia, USA
Keith Irwin , Ting Yu , William H. Winsborough, On the modeling and analysis of obligations, Proceedings of the 13th ACM conference on Computer and communications security, October 30-November 03, 2006, Alexandria, Virginia, USA
Diala Abi Haidar , Nora Cuppens-Boulahia , Frederic Cuppens , Herve Debar, An extended RBAC profile of XACML, Proceedings of the 3rd ACM workshop on Secure web services, November 03-03, 2006, Alexandria, Virginia, USA
Ninghui Li , Mahesh V. Tripunitara, Security analysis in role-based access control, ACM Transactions on Information and System Security (TISSEC), v.9 n.4, p.391-420, November 2006
Ravi Sandhu , Kumar Ranganathan , Xinwen Zhang, Secure information sharing enabled by Trusted Computing and PEI models, Proceedings of the 2006 ACM Symposium on Information, computer and communications security, March 21-24, 2006, Taipei, Taiwan
Xinwen Zhang , Ravi Sandhu , Francesco Parisi-Presicce, Safety analysis of usage control authorization models, Proceedings of the 2006 ACM Symposium on Information, computer and communications security, March 21-24, 2006, Taipei, Taiwan
Andreas Schaad , Volkmar Lotz , Karsten Sohr, A model-checking approach to analysing organisational controls in a loan origination process, Proceedings of the eleventh ACM symposium on Access control models and technologies, June 07-09, 2006, Lake Tahoe, California, USA
Trent Jaeger , Reiner Sailer , Xiaolan Zhang, Analyzing integrity protection in the SELinux example policy, Proceedings of the 12th conference on USENIX Security Symposium, p.5-5, August 04-08, 2003, Washington, DC
E. Kleiner , T. Newcomb, On the Decidability of the Safety Problem for Access Control Policies, Electronic Notes in Theoretical Computer Science (ENTCS), 185, p.107-120, July, 2007
Roxana Geambasu , Magdalena Balazinska , Steven D. Gribble , Henry M. Levy, Homeviews: peer-to-peer middleware for personal data sharing applications, Proceedings of the 2007 ACM SIGMOD international conference on Management of data, June 11-14, 2007, Beijing, China
Frédéric Cuppens , Nora Cuppens-Boulahia , Meriam Ben Ghorbel, High Level Conflict Management Strategies in Advanced Access Control Models, Electronic Notes in Theoretical Computer Science (ENTCS), 186, p.3-26, July, 2007
Timothy E. Levin , Cynthia E. Irvine , Clark Weissman , Thuy D. Nguyen, Analysis of three multilevel security architectures, Proceedings of the 2007 ACM workshop on Computer security architecture, November 02-02, 2007, Fairfax, Virginia, USA
Udo Halfmann , Winfried E. Kühnhauser, Embedding security policies into a distributed computing environment, ACM SIGOPS Operating Systems Review, v.33 n.2, p.51-64, April 1999
Mark Reith , Jianwei Niu , William H. Winsborough, Engineering Trust Management into Software Models, Proceedings of the International Workshop on Modeling in Software Engineering, p.9, May 20-26, 2007
Xukai Zou , Yogesh Karandikar , Elisa Bertino, A dynamic key management solution to access hierarchy, International Journal of Network Management, v.17 n.6, p.437-450, November 2007
Trent Jeager, Managing access control complexity using metrices, Proceedings of the sixth ACM symposium on Access control models and technologies, p.131-139, May 2001, Chantilly, Virginia, United States
G. O'Shea, Redundant rights in protection systems, ACM SIGOPS Operating Systems Review, v.26 n.3, p.27-30, July 1992
Masoom Alam , Jean-Pierre Seifert , Qi Li , Xinwen Zhang, Usage control platformization via trustworthy SELinux, Proceedings of the 2008 ACM symposium on Information, computer and communications security, March 18-20, 2008, Tokyo, Japan
Keith Irwin , Ting Yu , William H. Winsborough, Enforcing security properties in task-based systems, Proceedings of the 13th ACM symposium on Access control models and technologies, June 11-13, 2008, Estes Park, CO, USA
Gilles Goncalves , Aneta Poniszewska-Maranda, Role engineering: From design to evolution of security schemes, Journal of Systems and Software, v.81 n.8, p.1306-1326, August, 2008
Scott D. Stoller , Ping Yang , C R. Ramakrishnan , Mikhail I. Gofman, Efficient policy analysis for administrative role based access control, Proceedings of the 14th ACM conference on Computer and communications security, October 28-31, 2007, Alexandria, Virginia, USA
Julien Brunel , Frédéric Cuppens , Nora Cuppens , Thierry Sans , Jean-Paul Bodeveix, Security policy compliance with violation management, Proceedings of the 2007 ACM workshop on Formal methods in security engineering, p.31-40, November 02-02, 2007, Fairfax, Virginia, USA
Tomasz Jurdziski, On complexity of grammars related to the safety problem, Theoretical Computer Science, v.389 n.1-2, p.56-72, December, 2007
Mahesh V. Tripunitara , Ninghui Li, A theory for comparing the expressive power of access control models, Journal of Computer Security, v.15 n.2, p.231-272, April 2007
Ram Krishnan , Jianwei Niu , Ravi Sandhu , William H. Winsborough, Stale-safe security properties for group-based secure information sharing, Proceedings of the 6th ACM workshop on Formal methods in security engineering, p.53-62, October 27-27, 2008, Alexandria, Virginia, USA
Eduardo B. Fernandez , Günther Pernul, Patterns for session-based access control, Proceedings of the 2006 conference on Pattern languages of programs, October 21-23, 2006, Portland, Oregon
Dae-Kyoo Kim , Pooja Mehta , Priya Gokhale, Describing access control models as design patterns using roles, Proceedings of the 2006 conference on Pattern languages of programs, October 21-23, 2006, Portland, Oregon
John McDermott , Leo Freitas, A formal security policy for xenon, Proceedings of the 6th ACM workshop on Formal methods in security engineering, p.43-52, October 27-27, 2008, Alexandria, Virginia, USA
Ashish Gehani , Surendar Chandra, Parameterized access control: from design to prototype, Proceedings of the 4th international conference on Security and privacy in communication netowrks, September 22-25, 2008, Istanbul, Turkey
Lars E. Olson , Carl A. Gunter , P. Madhusudan, A formal framework for reflective database access control policies, Proceedings of the 15th ACM conference on Computer and communications security, October 27-31, 2008, Alexandria, Virginia, USA
Mark Reith , Jianwei Niu , William H. Winsborough, Toward practical analysis for trust management policy, Proceedings of the 4th International Symposium on Information, Computer, and Communications Security, March 10-12, 2009, Sydney, Australia
Charles R. Young, A security policy for a profile-oriented operating system, Proceedings of the May 4-7, 1981, national computer conference, May 04-07, 1981, Chicago, Illinois
Mustafa M. Kocatürk , Taflan İ. Gündem, A Fine-Grained Access Control System Combining MAC and RBACK Models for XML, Informatica, v.19 n.4, p.517-534, December 2008
Ram Krishnan , Ravi Sandhu , Jianwei Niu , William H. Winsborough, A conceptual framework for Group-Centric secure information sharing, Proceedings of the 4th International Symposium on Information, Computer, and Communications Security, March 10-12, 2009, Sydney, Australia
Mehran Ahsant , Jim Basney , Lennart Johnsson, Dynamic, context-aware, least-privilege grid delegation, Proceedings of the 8th IEEE/ACM International Conference on Grid Computing, p.209-216, September 19-21, 2007
Florian Kerschbaum , Philip Robinson, Security architecture for virtual organizations of business web services, Journal of Systems Architecture: the EUROMICRO Journal, v.55 n.4, p.224-232, April, 2009
Romain Laborde , Michel Kamel , Samer Wazan , Francois Barrere , Abdelmalek Benzekri, A secure collaborative web-based environment for virtual organisations, International Journal of Web Based Communities, v.5 n.2, p.273-292, March 2009
Qingfeng He , Annie I. Antón, Requirements-based Access Control Analysis and Policy Specification (ReCAPS), Information and Software Technology, v.51 n.6, p.993-1009, June, 2009
Samrat Mondal , Shamik Sural , Vijayalakshmi Atluri, Towards formal security analysis of GTRBAC using timed automata, Proceedings of the 14th ACM symposium on Access control models and technologies, June 03-05, 2009, Stresa, Italy
Ninghui Li , Qihua Wang , Mahesh Tripunitara, Resiliency Policies in Access Control, ACM Transactions on Information and System Security (TISSEC), v.12 n.4, p.1-34, April 2009
Ram Krishnan , Ravi Sandhu , Jianwei Niu , William H. Winsborough, Foundations for group-centric secure information sharing models, Proceedings of the 14th ACM symposium on Access control models and technologies, June 03-05, 2009, Stresa, Italy
Kazuhiro Minami , Nikita Borisov , Carl A. Gunter, Safety in discretionary access control for logic-based publish-subscribe systems, Proceedings of the 14th ACM symposium on Access control models and technologies, June 03-05, 2009, Stresa, Italy

INDEX TERMS

Keywords:
Turing machine, decidability, operating system, protection, protection system

Collaborative Colleagues:
Michael A. Harrison: colleagues
Walter L. Ruzzo: colleagues
Jeffrey D. Ullman: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player