Filters








10 Hits in 2.4 sec

Security architectures revisited

Hermann Härtig
2002 Proceedings of the 10th workshop on ACM SIGOPS European workshop: beyond the PC - EW10  
Putting together these ingredients into a small secure platform seems straightforward, yet still remains to be done, and has the potential of making operating systems more dependable.  ...  The knowledge in technologies needed to build secure platforms, or Security Architectures, has significantly matured over the recent years.  ...  Many discussions with students and other members of the operating-systems and real-time group of Technische Universität Dresden helped a lot when writing this down.  ... 
doi:10.1145/1133373.1133376 dblp:conf/sigopsE/Hartig02 fatcat:rwp6m2qmmraclcf2nwjdltr2ja

On Paradigms for Security Policies in Multipolicy Environments [chapter]

Winfried E. Kühnhauser
1995 IFIP Advances in Information and Communication Technology  
For many years the traditional concept of the reference monitor has proven to be a sound architectural foundation for secure computer systems.  ...  However, with the advent of distributed systems and multiple, user-defined application-specific security policies the limitations of reference monitors become more and more obvious.  ...  Acknowledgments The author would like to thank the systems security group at GMD, including Ciaran Bryce, Michael von Kopp Ostrowski, Wolfgang Lux and Mathias Reinholz, for innumerable valuable discussions  ... 
doi:10.1007/978-0-387-34873-5_32 fatcat:7cvyijhuibaxpoqdk46u656nty

Reective Authorization Systems [chapter]

Massimo Ancona, Walter Cazzola, Eduardo B. Fernandez
1998 Lecture Notes in Computer Science  
The advantages of the combined use of computational reflection and authorization mechanisms are discussed, and three reflective architectures are examined for pointing out the corresponding merits and  ...  A reflective approach for modeling and implementing authorization systems is presented.  ...  Acknowledgment We are most grateful to the anonymous referees whose advice stimulated further deepening on the topic.  ... 
doi:10.1007/3-540-49255-0_62 fatcat:3wkhvnrtszbafjilkscdntvkhy

Reflective Authorization Systems: Possibilities, Benefits, and Drawbacks [chapter]

Massimo Ancona, Walter Cazzola, Eduardo B. Fernandez
1999 Lecture Notes in Computer Science  
The expected benefits from the reflective approach are: more stability of the security layer (i.e., with a more limited number of hidden bugs), better software and development modularity, more reusability  ...  We analyze how to use the reflective approach to integrate an authorization system into a distributed object-oriented framework.  ...  Acknowledgments A preliminary version of this work appears in the proceedings of the 1 st ECOOP Workshop on Distributed Object Security, pages 35-39, Belgium, July 1998.  ... 
doi:10.1007/3-540-48749-2_3 fatcat:adrfqylmkbb3fm7fuelelf3zf4

Process migration

Dejan S. Milojičić, Fred Douglis, Yves Paindaveine, Richard Wheeler, Songnian Zhou
2000 ACM Computing Surveys  
With the increasing deployment of distributed systems in general, and distributed operating systems in particular, process migration is again receiving more attention in both research and product development  ...  As high-performance facilities shift from supercomputers to networks of workstations, and with the ever-increasing role of the World Wide Web, we expect migration to play a more important role and eventually  ...  The anonymous reviewers provided an extensive list of general, as well as very detailed, suggestions that have strengthened our focus, presentation and correctness of the paper.  ... 
doi:10.1145/367701.367728 fatcat:n2hd2cfc3zcvthnmotqadqhjpy

Encapsulating mobile objects

H. Hartig, L. Reuther
Proceedings of 17th International Conference on Distributed Computing Systems  
The capability lists are e n f o r ced d u ring the execution of programs. All lists are s y m b olic to enable their interpretation in heterogeneous environments.  ...  The paper describes the technique, its integration in a Linux environment and rst experiences.  ...  He proposed to add the names of used les to programs and transform them to Amoeba Capabilities 2].  ... 
doi:10.1109/icdcs.1997.598069 dblp:conf/icdcs/HaertigR97 fatcat:zhwztz4n7bgnzpwencmmklbdgy

A secure and reliable bootstrap architecture

W.A. Arbaugh, D.J. Farber, J.M. Smith
Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097)  
In a computer system, the integrity of lower luyers is tyu ically treated as axiomatic by higher liwers.  ...  Under the presumption that the hardware coniprising the muchine (the lowest layer) is valid, integrity of a hyer car1 be guaranteed if and only if: (1) rhe integrity qf the lower layers is checked, and  ...  The Birlix [ 121 Security Architecture proposes a model dcsigned by Michael Gross that is similar to L'ampson's. The Birlix model also suffers from the same problems.  ... 
doi:10.1109/secpri.1997.601317 dblp:conf/sp/ArbaughFS97 fatcat:4pox62qzfzfgblk63jyvsssj2u

Enforcing crash failure semantics in distributed systems with fine-grained object mobility

Bradley M. Duska
1998
One of the costs of fine-grained mobility is an increase in the complexity of programming with respect to failures.  ...  The granularity of migration ranges from the coarse-grained movement of whole processes to the fine-grained mobility of individual objects which provides more flexibility and control.  ...  The GElection object supports elections among a group of nodes, with one Performance Several tests evaluate the performance of the group service on fundamental operations and on the scaling of these  ... 
doi:10.14288/1.0051666 fatcat:iq73j3pknve2xk76vzwbuunctm

Protection in the Guide object-oriented distributed system [chapter]

Daniel Hagimont
Object-Oriented Programming  
Support for cooperative distributed applications is an important direction of computer systems research involving developments in operating systems, programming languages and databases.  ...  development of protected applications in such an environment (Melampus [Luniewski91], Birlix [Kowalski90]).  ...  The work described in this paper has been partially supported by the Commission of European Communities through the Comandos ESPRIT project.  ... 
doi:10.1007/bfb0052188 dblp:conf/ecoop/Hagimont94 fatcat:z6envnb5jfhkrdm6f4eor2s5xq

Toward a Boot Odometer

R.C. Vernon, C.E. Irvine, T.E. Levin
2006 IEEE Information Assurance Workshop  
In situations where the operating system cannot be trusted to meet object reuse requirements, an alternative is needed. In this paper, we address the object reuse problem in volatile memory.  ...  In trustworthy systems, object reuse requirements extend to all forms of memory on the platform and can include volatile elements such as RAM, cache, I/O device registers, and certain controllers.  ...  Any opinions, findings, and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the National Science Foundation.  ... 
doi:10.1109/iaw.2006.1652072 fatcat:2b3ffexmgngxho56sm556halfm