ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
A note on the confinement problem
Full text PdfPdf (299 KB)
Source
Communications of the ACM archive
Volume 16 ,  Issue 10  (October 1973) table of contents
Pages: 613 - 615  
Year of Publication: 1973
ISSN:0001-0782
Author
Butler W. Lampson  Xerox Palo Alto Research Center, Palo Alto, CA
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 49,   Downloads (12 Months): 218,   Citation Count: 142
Additional Information:

abstract   references   cited by   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/362375.362389
What is a DOI?

ABSTRACT

onfining a program during its execution so that it cannot transmit information to any other program except its caller. A set of examples attempts to stake out the boundaries of the problem. Necessary conditions for a solution are stated and informally justified.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
Lampson, B.W. Dynamic protection structures. Proc. AFIPS 1969 FJCC, Vol. 35, AFIPS Press, Montvale, N.J., pp. 27-38.
2
Michael D. Schroeder , Jerome H. Saltzer, A hardware architecture for implementing protection rings, Communications of the ACM, v.15 n.3, p.157-170, March 1972  [doi>10.1145/361268.361275]

CITED BY  142
Anita K. Jones , Richard J. Lipton, The enforcement of security policies for computation, ACM SIGOPS Operating Systems Review, v.9 n.5, p.197-206, November 1975
Geoffrey Smith , Dennis Volpano, Secure information flow in a multi-threaded imperative language, Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, p.355-364, January 19-21, 1998, San Diego, California, United States
Myong H. Kang , Ira S. Moskowitz , Daniel C. Lee, A Network Pump, IEEE Transactions on Software Engineering, v.22 n.5, p.329-338, May 1996
Michael A. Harrison , Walter L. Ruzzo , Jeffrey D. Ullman, Protection in operating systems, Communications of the ACM, v.19 n.8, p.461-471, Aug. 1976
Ellis Choen, Information transmission in computational systems, ACM SIGOPS Operating Systems Review, v.11 n.5, p.133-139, November 1977
J. M. Rushby, Design and verification of secure systems, ACM SIGOPS Operating Systems Review, v.15 n.5, p.12-21, December 1981
Dorothy E. Denning, Secure personal computing in an insecure network, Communications of the ACM, v.22 n.8, p.476-482, Aug. 1979
Gregory R. Andrews , Richard P. Reitman, An Axiomatic Approach to Information Flow in Programs, ACM Transactions on Programming Languages and Systems (TOPLAS), v.2 n.1, p.56-76, Jan. 1980
Guy Almes , George Robertson, An extensible file system for hydra, Proceedings of the 3rd international conference on Software engineering, p.288-294, May 10-12, 1978, Atlanta, Georgia, United States
Dorothy E. Denning , Peter J. Denning, Certification of programs for secure information flow, Communications of the ACM, v.20 n.7, p.504-513, July 1977
David P. Reed , Rajendra K. Kanodia, Synchronization with eventcounts and sequencers, Communications of the ACM, v.22 n.2, p.115-123, Feb. 1979
Dan S. Wallach , Dirk Balfanz , Drew Dean , Edward W. Felten, Extensible security architectures for Java, ACM SIGOPS Operating Systems Review, v.31 n.5, p.116-128, Dec. 1997
Matt Bishop , Lawrence Snyder, The transfer of information and authority in a protection system, Proceedings of the seventh ACM symposium on Operating systems principles, p.45-54, December 10-12, 1979, Pacific Grove, California, United States
Michael A. Harrison , Walter L. Ruzzo , Jeffrey D. Ullman, On protection in operating systems, ACM SIGOPS Operating Systems Review, v.9 n.5, p.14-24, November 1975
R. Barbuti , C. Bernardeschi , N. De Francesco, Abstract interpretation of operational semantics for secure information flow, Information Processing Letters, v.83 n.2, p.101-108, 31 July 2002
Steven B. Lipner, A comment on the confinement problem, ACM SIGOPS Operating Systems Review, v.9 n.5, p.192-196, November 1975
Quazi N. Ahmed , Susan V. Vrbsky, Maintaining security and timeliness in real-time database system, Journal of Systems and Software, v.61 n.1, p.15-29, March 2002
Steven J. Greenwald, Discussion topic: what is the old security paradigm?, Proceedings of the 1998 workshop on New security paradigms, p.107-118, September 22-26, 1998, Charlottesville, Virginia, United States
Dorothy E. Denning , Peter J. Denning, Data Security, ACM Computing Surveys (CSUR), v.11 n.3, p.227-249, Sept. 1979
R. J. Feiertag , K. N. Levitt , L. Robinson, Proving multilevel security of a system design, ACM SIGOPS Operating Systems Review, v.11 n.5, p.57-65, November 1977
Richard P. Reitman, A mechanism for information control in parallel systems, Proceedings of the seventh ACM symposium on Operating systems principles, p.55-63, December 10-12, 1979, Pacific Grove, California, United States
Michael D. Schroeder, Engineering a security kernel for Multics, ACM SIGOPS Operating Systems Review, v.9 n.5, p.25-32, November 1975
R. Levin , E. Cohen , W. Corwin , F. Pollack , W. Wulf, Policy/mechanism separation in Hydra, ACM SIGOPS Operating Systems Review, v.9 n.5, p.132-140, November 1975
Jonathan S. Shapiro , Jonathan M. Smith , David J. Farber, EROS: a fast capability system, ACM SIGOPS Operating Systems Review, v.33 n.5, p.170-185, Dec. 1999
Ciarán Bryce , Chrislain Razafimahefa, An approach to safe object sharing, ACM SIGPLAN Notices, v.35 n.10, p.367-381, Oct. 2000
Michael D. Schroeder , David D. Clark , Jerome H. Saltzer, The Multics kernel design project, ACM SIGOPS Operating Systems Review, v.11 n.5, p.43-56, November 1977
David M. Goldschlag, Several secure store and forward devices, Proceedings of the 3rd ACM conference on Computer and communications security, p.129-137, March 14-15, 1996, New Delhi, India
Peter J. Denning, Fault Tolerant Operating Systems, ACM Computing Surveys (CSUR), v.8 n.4, p.359-389, Dec. 1976
David Rine, Possibility theory: As a means for modeling computer security and protection, Proceedings of the eighth international symposium on Multiple-valued logic, p.276-286, January 1978, Rosemont, Illinois, United States
Boris Kogan , S. Jajodia, Concurrency control in multilevel-secure databases based on replicated architecture, ACM SIGMOD Record, v.19 n.2, p.153-162, Jun. 1990
Lubomir Bic, Letters to the editor: A protection model and its implementation in a dataflow system, Communications of the ACM, v.25 n.9, p.650-658, Sept 1982
Ellis Cohen , David Jefferson, Protection in the Hydra Operating System, ACM SIGOPS Operating Systems Review, v.9 n.5, p.141-160, November 1975
Santosh Chokhani, Trusted products evaluation, Communications of the ACM, v.35 n.7, p.64-76, July 1992
Jonathan M. Silverman, Reflections on the verification of the security of an operating system kernel, ACM SIGOPS Operating Systems Review, v.17 n.5, p.143-154, October 1983
Sushil Jajodia , Ravi Sandhu, Toward a multilevel secure relational data model, ACM SIGMOD Record, v.20 n.2, p.50-59, June 1991
Binto George , Jayant Haritsa, Secure transaction processing in firm real-time database systems, ACM SIGMOD Record, v.26 n.2, p.462-473, June 1997
Gregory R. Andrews, Partitions and principles for secure operating systems, Proceedings of the 1975 annual conference, p.177-180, January 1975
M. Satyanarayanan, Integrating security in a large distributed system, ACM Transactions on Computer Systems (TOCS), v.7 n.3, p.247-280, Aug. 1989
Andrea C. Arpaci-Dusseau , Remzi H. Arpaci-Dusseau, Information and control in gray-box systems, ACM SIGOPS Operating Systems Review, v.35 n.5, Dec. 2001
Richard A. Kemmerer, Shared resource matrix methodology: an approach to identifying storage and timing channels, ACM Transactions on Computer Systems (TOCS), v.1 n.3, p.256-277, August 1983
Theodore A. Linden, Operating System Structures to Support Security and Reliable Software, ACM Computing Surveys (CSUR), v.8 n.4, p.409-445, Dec. 1976
Naftaly Minsky, Intentional resolution of privacy protection in database systems, Communications of the ACM, v.19 n.3, p.148-159, March 1976
Richard E. Smith, Cost profile of a highly assured, secure operating system, ACM Transactions on Information and System Security (TISSEC), v.4 n.1, p.72-101, Feb. 2001
Ulf Lindqvist , Erland Jonsson, A Map of Security Risks Associated with Using COTS, Computer, v.31 n.6, p.60-66, June 1998
Carl E. Landwehr, Formal Models for Computer Security, ACM Computing Surveys (CSUR), v.13 n.3, p.247-278, Sept. 1981
Maureen Harris Cheheyl , Morrie Gasser , George A. Huff , Jonathan K. Millen, Verifying Security, ACM Computing Surveys (CSUR), v.13 n.3, p.279-339, Sept. 1981
François Pottier , Sylvain Conchon, Information flow inference for free, ACM SIGPLAN Notices, v.35 n.9, p.46-57, Sept. 2000
Andrew C. Myers , Barbara Liskov, A decentralized model for information flow control, ACM SIGOPS Operating Systems Review, v.31 n.5, p.129-142, Dec. 1997
Dorothy E. Denning, A lattice model of secure information flow, Communications of the ACM, v.19 n.5, p.236-243, May 1976
Thomas Riechmann , Franz J. Hauck, Meta objects for access control: a formal model for role-based principals, Proceedings of the 1998 workshop on New security paradigms, p.30-38, September 22-26, 1998, Charlottesville, Virginia, United States
Rayford B. Vaughn, Jr., Application of security tot he computing science classroom, ACM SIGCSE Bulletin, v.32 n.1, p.90-94, Mar. 2000
Brajendra Panda , William Perrizo , Ramzi Haraty, Secure transaction management and query processing in multilevel secure database systems, Proceedings of the 1994 ACM symposium on Applied computing, p.363-368, March 06-08, 1994, Phoenix, Arizona, United States
Steven J. Greenwald, A new security policy for distributed resource management and access control, Proceedings of the 1996 workshop on New security paradigms, p.74-86, September 17-20, 1996, Lake Arrowhead, California, United States
Ravi S. Sandhu, Lattice-Based Access Control Models, Computer, v.26 n.11, p.9-19, November 1993
Paul A. Karger, The Lattice Security Model In A Public Computing Network, Proceedings of the 1978 annual conference, p.453-459, December 04-06, 1978, Washington, D.C., United States
Grzegorz Czajkowski, Multiprocessing and portability for PDAs, Proceedings of the 9th workshop on ACM SIGOPS European workshop: beyond the PC: new challenges for the operating system, September 17-20, 2000, Kolding, Denmark
Carl E. Landwehr , Alan R. Bull , John P. McDermott , William S. Choi, A taxonomy of computer program security flaws, ACM Computing Surveys (CSUR), v.26 n.3, p.211-254, Sept. 1994
John Zachary , Richard Brooks, Bidirectional mobile code trust management using tamper resistant hardware, Mobile Networks and Applications, v.8 n.2, p.137-143, April 2003
Samuel T. King , Peter M. Chen, Backtracking intrusions, ACM Transactions on Computer Systems (TOCS), v.23 n.1, p.51-76, February 2005
Binto George , Anna Valeva, A database security course on a shoestring, ACM SIGCSE Bulletin, v.38 n.1, March 2006
Keith Loepere, Resolving covert channels within a B2 class secure system, ACM SIGOPS Operating Systems Review, v.19 n.3, p.9-28, July 1985
Richard A. Kemmerer, Cybersecurity, Proceedings of the 25th International Conference on Software Engineering, May 03-10, 2003, Portland, Oregon
Jie Ren , Richard Taylor , Paul Dourish , David Redmiles, Towards an architectural treatment of software security: a connector-centric approach, ACM SIGSOFT Software Engineering Notes, v.30 n.4, July 2005
Jonathan S. Shapiro , Norman Hardy, EROS: A Principle-Driven Operating System from the Ground Up, IEEE Software, v.19 n.1, p.26-33, January 2002
Sang H. Son , Ravi Mukkamala , Rasikan David, Integrating Security and Real-Time Requirements Using Covert Channel Capacity, IEEE Transactions on Knowledge and Data Engineering, v.12 n.6, p.865-879, November 2000
Dave Clarke , Michael Richmond , James Noble, Saving the world from bad beans: deployment-time confinement checking, ACM SIGPLAN Notices, v.38 n.11, November 2003
Samuel T. King , Peter M. Chen, Backtracking intrusions, Proceedings of the nineteenth ACM symposium on Operating systems principles, October 19-22, 2003, Bolton Landing, NY, USA
R. Sekar , V.N. Venkatakrishnan , Samik Basu , Sandeep Bhatkar , Daniel C. DuVarney, Model-carrying code: a practical approach for safe execution of untrusted applications, Proceedings of the nineteenth ACM symposium on Operating systems principles, October 19-22, 2003, Bolton Landing, NY, USA
Andrew S. Tanenbaum, In defense of program testing or correctness proofs considered harmful, ACM SIGPLAN Notices, v.11 n.5, p.64-68, May 1976
Stuart E. Schechter , Michael D. Smith, Access for sale: a new class of worm, Proceedings of the 2003 ACM workshop on Rapid malcode, October 27-27, 2003, Washington, DC, USA
Shiuh-Pyng Shieh , Wen-Her Yang, Protecting network users in mobile code systems, Journal of Parallel and Distributed Computing, v.64 n.2, p.191-200, February 2004
H. Rex Hartson , David K. Hsiao, Full protection specifications in the semantic model for database protection languages, Proceedings of the annual conference, p.90-95, October 20-22, 1976, Houston, Texas, United States
Jonathan K. Millen, Security Kernel validation in practice, Communications of the ACM, v.19 n.5, p.243-250, May 1976
Andrew C. Myers, JFlow: practical mostly-static information flow control, Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, p.228-241, January 20-22, 1999, San Antonio, Texas, United States
Joe Loughry , David A. Umphress, Information leakage from optical emanations, ACM Transactions on Information and System Security (TISSEC), v.5 n.3, p.262-289, August 2002
Gerald J. Popek , Charles S. Kline, Encryption and Secure Computer Networks, ACM Computing Surveys (CSUR), v.11 n.4, p.331-356, Dec. 1979
Lawrence Robinson , Karl N. Levitt , Peter G. Neumann , Ashok R. Saxena, On attaining reliable software for a secure operating system, ACM SIGPLAN Notices, v.10 n.6, p.267-284, June 1975
James W. Gray, III, Report on the computer security foundations workshop VI, ACM SIGSAC Review, v.11 n.4, p.4-6, Oct. 1993
Chii-Ren Tsai , Virgil D. Gligor , C. S. Shandersekaran, On the Identification of Covert Storage Channels in Secure Systems, IEEE Transactions on Software Engineering, v.16 n.6, p.569-580, June 1990
Namgyu Kim , Songchun Moon , Yonglak Sohn, Secure one snapshot protocol for concurrency control in real-time stock trading systems, Journal of Systems and Software, v.73 n.3, p.441-454, November-December 2004
Cleopas O. Angaye , Steven C. Hansen, Inferential security in individual computing environments, ACM SIGICE Bulletin, v.20 n.1, p.27-32, July 1994
Olin Sibert , Phillip A. Porras , Robert Lindell, An Analysis of the Intel 80×86 Security Architecture and Implementations, IEEE Transactions on Software Engineering, v.22 n.5, p.283-293, May 1996
Rayford B. Vaughan, Jr. , Cleopas O. Angaye, Small computers and security: an oxymoron?, ACM SIGICE Bulletin, v.20 n.1, p.15-20, July 1994
Jayant R. Haritsa , Krithi Ramamritham, Real-Time Database Systems in the New Millenium, Real-Time Systems, v.19 n.3, p.205-208, Nov. 2000
Matthias Bauer, New covert channels in HTTP: adding unwitting Web browsers to anonymity sets, Proceedings of the 2003 ACM workshop on Privacy in the electronic society, October 30, 2003, Washington, DC
Elisa Bertino , Sushil Jajodia , Luigi Mancini , Indrajit Ray, Advanced Transaction Processing in Multilevel Secure File Stores, IEEE Transactions on Knowledge and Data Engineering, v.10 n.1, p.120-135, January 1998
Jinliang Fan , Jun Xu , Mostafa H. Ammar , Sue B. Moon, Prefix-preserving IP address anonymization: measurement-based security evaluation and a new cryptography-based scheme, Computer Networks: The International Journal of Computer and Telecommunications Networking, v.46 n.2, p.253-272, 7 October 2004
Paul A. Karger , Mary Ellen Zurko , Douglas W. Bonin , Andrew H. Mason , Clifford E. Kahn, A Retrospective on the VAX VMM Security Kernel, IEEE Transactions on Software Engineering, v.17 n.11, p.1147-1165, November 1991
Donald Mackenzie , Garrel Pottinger, Mathematics, Technology, and Trust: Formal Verification, Computer Security, and the U.S. Military, IEEE Annals of the History of Computing, v.19 n.3, p.41-59, July 1997
James W. Gray, III , Paul F. Syverson, A logical approach to multilevel security of probabilistic systems, Distributed Computing, v.11 n.2, p.73-90, April 1998
Rayford B. Vaughn , David A. Dampier , Merrill B. Warkentin, Building an information security education program, Proceedings of the 1st annual conference on Information security curriculum development, October 08-08, 2004, Kennesaw, Georgia
Wes Masri , Andy Podgurski, Using dynamic information flow analysis to detect attacks against applications, ACM SIGSOFT Software Engineering Notes, v.30 n.4, July 2005
Krithi Ramamritham , Sang H. Son , Lisa Cingiser Dipippo, Real-Time Databases and Data Services, Real-Time Systems, v.28 n.2-3, p.179-215, November-December 2004
Gary D. Knott, A proposal for certain process management and intercommunication primitives, ACM SIGOPS Operating Systems Review, v.8 n.4, p.7-44, October 1974
Volker Roth , Ulrich Pinsdorf , Jan Peters, A distributed content-based search engine based on mobile code, Proceedings of the 2005 ACM symposium on Applied computing, March 13-17, 2005, Santa Fe, New Mexico
Li Gong, On security in capability-based systems, ACM SIGOPS Operating Systems Review, v.23 n.2, p.56-60, April 1989
Binto George , Jayant R. Haritsa, Secure Concurrency Control in Firm Real-Time Database Systems, Distributed and Parallel Databases, v.8 n.1, p.41-83, Jan. 2000
Richard A. Kemmerer , Phillip A. Porras, Covert Flow Trees: A Visual Approach to Analyzing Covert Storage Channels, IEEE Transactions on Software Engineering, v.17 n.11, p.1166-1185, November 1991
Manigandan Radhakrishnan , Jon A. Solworth, Application security support in the operating system kernel, Proceedings of the 2006 ACM Symposium on Information, computer and communications security, March 21-24, 2006, Taipei, Taiwan
Xiao Zhang , Sandhya Dwarkadas , Girts Folkmanis , Kai Shen, Processor hardware counter statistics as a first-class system resource, Proceedings of the 11th USENIX workshop on Hot topics in operating systems, p.1-6, May 07-09, 2007, San Diego, CA
Neil Vachharajani , Matthew J. Bridges , Jonathan Chang , Ram Rangan , Guilherme Ottoni , Jason A. Blome , George A. Reis , Manish Vachharajani , David I. August, RIFLE: An Architectural Framework for User-Centric Information-Flow Security, Proceedings of the 37th annual IEEE/ACM International Symposium on Microarchitecture, p.243-254, December 04-08, 2004, Portland, Oregon
Wes Masri , Andy Podgurski, An empirical study of the strength of information flows in programs, Proceedings of the 2006 international workshop on Dynamic systems analysis, May 23-23, 2006, Shanghai, China
Bruce J. Walker , Richard A. Kemmerer , Gerald J. Popek, Specification and verification of the UCLA Unix security kernel, Communications of the ACM, v.23 n.2, p.118-131, Feb. 1980
Jacob Y. Levy , Laurent Demailly , John K. Ousterhout , Brent B. Welch, The safe-Tcl security model, Proceedings of the Annual Technical Conference on USENIX Annual Technical Conference, 1998, p.23-23, June 15-19, 1998, New Orleans, Louisiana
Ira S. Moskowitz , Richard E. Newman, Timing channels, anonymity, mixes, and spikes, Proceedings of the 2nd IASTED international conference on Advances in computer science and technology, p.251-256, January 23-25, 2006, Puerto Vallarta, Mexico
Steven J. Murdoch, Hot or not: revealing hidden services by their clock skew, Proceedings of the 13th ACM conference on Computer and communications security, October 30-November 03, 2006, Alexandria, Virginia, USA
Alessandra Di Pierro , Chris Hankin , Herbert Wiklicky, Measuring the confinement of probabilistic systems, Theoretical Computer Science, v.340 n.1, p.3-56, 13 June 2005
Sean Peisert , Sidney Karin , Matt Bishop , Keith Marzullo, Principles-driven forensic analysis, Proceedings of the 2005 workshop on New security paradigms, September 20-23, 2005, Lake Arrowhead, California
Paul A. Karger, Performance and security lessons learned from virtualizing the alpha processor, ACM SIGARCH Computer Architecture News, v.35 n.2, May 2007
Mema Roussopoulos , Petros Maniatis , Edward Swierk , Kevin Lai , Guido Appenzeller , Mary Baker, Person-level routing in the mobile people architecture, Proceedings of the 2nd conference on USENIX Symposium on Internet Technologies and Systems, p.15-15, October 11-14, 1999, Boulder, Colorado
John Bethencourt , Jason Franklin , Mary Vernon, Mapping internet sensors with probe response attacks, Proceedings of the 14th conference on USENIX Security Symposium, p.13-13, July 31-August 05, 2005, Baltimore, MD
Jonathan S. Shapiro , John Vanderburgh , Eric Northup , David Chizmadia, Design of the EROS trusted window system, Proceedings of the 13th conference on USENIX Security Symposium, p.12-12, August 09-13, 2004, San Diego, CA
Nick Feamster , Magdalena Balazinska , Greg Harfst , Hari Balakrishnan , David Karger, Infranet: Circumventing Web Censorship and Surveillance, Proceedings of the 11th USENIX Security Symposium, p.247-262, August 05-09, 2002
Trent Jaeger , Reiner Sailer , Yogesh Sreenivasan, Managing the risk of covert information flows in virtual machine systems, Proceedings of the 12th ACM symposium on Access control models and technologies, June 20-22, 2007, Sophia Antipolis, France
Gaurav Shah , Andres Molina , Matt Blaze, Keyboards and covert channels, Proceedings of the 15th conference on USENIX Security Symposium, p.5-5, July 31-August 04, 2006, Vancouver, B.C., Canada
Nimisha V. Mehta , Karen R. Sollins, Expanding and extending the security features of java, Proceedings of the 7th conference on USENIX Security Symposium, 1998, p.12-12, January 26-29, 1998, San Antonio, Texas
Timothy E. Levin , Cynthia E. Irvine , Clark Weissman , Thuy D. Nguyen, Analysis of three multilevel security architectures, Proceedings of the 2007 ACM workshop on Computer security architecture, November 02-02, 2007, Fairfax, Virginia, USA
Deborah Downs , Gerald J. Popek, A Kernel design for a secure data base management system, Proceedings of the third international conference on Very large data bases, p.507-514, October 06-08, 1977, Tokyo, Japan
Yasuharu Katsuno , Yuji Watanabe , Sanehiro Furuichi , Michiharu Kudo, Chinese-wall process confinement for practical distributed coalitions, Proceedings of the 12th ACM symposium on Access control models and technologies, June 20-22, 2007, Sophia Antipolis, France
Cynthia E. Irvine , Karl Levitt, Trusted hardware: can it be trustworthy?, Proceedings of the 44th annual conference on Design automation, June 04-08, 2007, San Diego, California
Binto George , Jayant R. Haritsa, Secure buffering in firm real-time database systems, The VLDB Journal — The International Journal on Very Large Data Bases, v.8 n.3-4, p.178-198, February 2000
Kenneth Smith , Marianne Winslett, Entity Modeling in the MLS Relational Model, Proceedings of the 18th International Conference on Very Large Data Bases, p.199-210, August 23-27, 1992
Binto George , Jayant R. Haritsa, Secure Buffering in Firm Real-Time Database Systems, Proceedings of the 24rd International Conference on Very Large Data Bases, p.464-475, August 24-27, 1998
Marvin Schaefer , Barry Gold , Richard Linde , John Scheid, Program confinement in KVM/370, Proceedings of the 1977 annual conference, p.404-410, January 1977
B. D. Gold , R. R. Linde , M. Schaefer , J. F. Scheid, VM/370 security retrofit program, Proceedings of the 1977 annual conference, p.411-418, January 1977
Sang H. Son , Rasikan David , Bhavani Thuraisingham, Improving timeliness in real-time secure database systems, ACM SIGMOD Record, v.25 n.1, p.29-33, March 1996
Salvador Cavadini, Secure slices of insecure programs, Proceedings of the 2008 ACM symposium on Information, computer and communications security, March 18-20, 2008, Tokyo, Japan
Marie Rose Low , Bruce Christianson, Fine grained object protection in UNIX, ACM SIGOPS Operating Systems Review, v.27 n.1, p.33-50, Jan. 1993
Ciarán Bryce , Jan Vitek, The JavaSeal Mobile Agent Kernel, Autonomous Agents and Multi-Agent Systems, v.4 n.4, p.359-384, December 2001
Robert H. Thomas, JSYS traps: a TENEX mechanism for encapsulation of user processes, Proceedings of the May 19-22, 1975, national computer conference and exposition, May 19-22, 1975, Anaheim, California
Toby Murray , Duncan Grove, Non-delegatable authorities in capability systems, Journal of Computer Security, v.16 n.6, p.743-759, December 2008
Kohei Honda , Nobuko Yoshida, A uniform type structure for secure information flow, ACM Transactions on Programming Languages and Systems (TOPLAS), v.29 n.6, p.31-es, October 2007
Kris Tiri, Side-channel attack pitfalls, Proceedings of the 44th annual conference on Design automation, June 04-08, 2007, San Diego, California
Bryan D. Payne , Reiner Sailer , Ramón Cáceres , Ron Perez , Wenke Lee, A layered approach to simplified access control in virtualized systems, ACM SIGOPS Operating Systems Review, v.41 n.4, July 2007
Zouheir Trabelsi , Hesham El-Sayed , Lilia Frikha , Tamer Rabie, A novel covert channel based on the IP header record route option, International Journal of Advanced Media and Communication, v.1 n.4, p.328-350, August 2007
Alan B. Shaffer , Mikhail Auguston , Cynthia E. Irvine , Timothy E. Levin, A security domain model to assess software for exploitable covert channels, Proceedings of the third ACM SIGPLAN workshop on Programming languages and analysis for security, June 07-13, 2008, Tucson, AZ, USA
Wes Masri , Andy Podgurski, Algorithms and tool support for dynamic information flow analysis, Information and Software Technology, v.51 n.2, p.385-404, February, 2009
Stephen T. Walker, The advent of trusted computer operating systems, Proceedings of the May 19-22, 1980, national computer conference, May 19-22, 1980, Anaheim, California
Richard R. Linde, Operating system penetration, Proceedings of the May 19-22, 1975, national computer conference and exposition, May 19-22, 1975, Anaheim, California
Zhenkai Liang , Weiqing Sun , V. N. Venkatakrishnan , R. Sekar, Alcatraz: An Isolated Environment for Experimenting with Untrusted Software, ACM Transactions on Information and System Security (TISSEC), v.12 n.3, p.1-37, January 2009
Alexander Yip , Neha Narula , Maxwell Krohn , Robert Morris, Privacy-preserving browser-side scripting with BFlow, Proceedings of the fourth ACM european conference on Computer systems, April 01-03, 2009, Nuremberg, Germany
Indrajit Roy , Donald E. Porter , Michael D. Bond , Kathryn S. McKinley , Emmett Witchel, Laminar: practical fine-grained decentralized information flow control, ACM SIGPLAN Notices, v.44 n.6, June 2009

INDEX TERMS

Keywords:
confinement, leakage of data, privacy, proprietary program, protection, security

Collaborative Colleagues:
Butler W. Lampson: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player