Host compromise is a serious security problem for operating systems. Most previous solutions based on integrity protection models are difficult to use; on the other hand, usable i...
Ennan Zhai, Qingni Shen, Yonggang Wang, Tao Yang, ...
Existing mandatory access control systems for operating systems are difficult to use. We identify several principles for designing usable access control systems and introduce the...
Abstract—The traditional virtual machine usage model advocates placing security mechanisms in a trusted VM layer and letting the untrusted guest OS run unaware of the presence of...
Daniela Alvim Seabra de Oliveira, Shyhtsun Felix W...
Decentralized information flow control (DIFC) is a promising model for writing programs with powerful, end-to-end security guarantees. Current DIFC systems that run on commodity ...
Indrajit Roy, Donald E. Porter, Michael D. Bond, K...
Commodity operating systems entrusted with securing sensitive data are remarkably large and complex, and consequently, frequently prone to compromise. To address this limitation, ...
Xiaoxin Chen, Tal Garfinkel, E. Christopher Lewis,...