Sciweavers

USENIX
2007

From Trusted to Secure: Building and Executing Applications That Enforce System Security

Commercial operating systems have recently introduced mandatory access controls (MAC) that can be used to ensure system-wide data confidentiality and integrity. These protections rely on restricting the flow of information between processes based on security levels. The problem is, there are many applications that defy simple classification by security level, some of them essential for system operation. Surprisingly, the common practice among these operating systems is simply to mark these applications as “trusted”, and thus allow them to bypass label protections. This compromise is not a limitation of MAC or the operating system services that enforce it, but simply a fundamental inability of any operating system to reason about how applications treat sensitive data internally—and thus the OS must either restrict the data that they receive or trust them to handle it correctly. These practices were developed prior to the advent of security-typed languages. These languages provide...
Added 02 Oct 2010
Updated 02 Oct 2010
Type: Conference
Year: 2007
Where: USENIX
Authors: Boniface Hicks, Sandra Rueda, Trent Jaeger, Patrick Drew McDaniel