Discretionary capability confinement

Discretionary capability confinement (2006)

Cached

Download Links

Other Repositories/Bibliography

DBLP

by Philip W. L. Fong , Philip W. L. Fong

Venue:	In Proceedings of the 11th European Symposium on Research in Computer Security
Citations:	3 - 3 self

BibTeX

@INPROCEEDINGS{Fong06discretionarycapability,
    author = {Philip W. L. Fong and Philip W. L. Fong},
    title = {Discretionary capability confinement},
    booktitle = {In Proceedings of the 11th European Symposium on Research in Computer Security},
    year = {2006},
    pages = {127--144}
}

Bookmark

OpenURL

Abstract

Abstract. Motivated by the need of application-level access control in dynamically extensible systems, this work proposes a static annotation system for modeling capabilies in a Java-like programming language. Unlike previous language-based capability systems, the proposed annotation system can provably enforce capability confinement. This confinement guarantee is leveraged to model a strong form of separation of duty known as hereditary mutual suspicion. The annotation system has been fully implemented in a standard Java Virtual Machine. 1

Citations

4647	Design Patterns: Elements of Reusable Object-Oriented Software - Gamma, Helm, et al. - 1994
944	Role-based access control models - Sandhu, Coyne, et al. - 1996
537	The protection of information in computer systems - Saltzer, Schroeder - 1975
458	Language-based information-flow security - Sabelfeld, Myers
343	A comparison of commercial and military computer security policies - Clark, Wilson - 1987
300	Proposed NIST Standard for RoleBased Access Control - Ferraiolo, Sandhu, et al. - 2001
237	Programming semantics for multiprogrammed computations - Dennis, Horn - 1966
186	Typed memory management in a calculus of capabilities - Crary, Walker, et al. - 1999
176	Delegation logic: A logicbased approach to distributed authorization - Li, Grosof, et al. - 2003
174	Extensible security architectures for Java - Wallach, Balfanz, et al. - 1997
154	Designing distributed applications with mobile code paradigms - Carzaniga, Picco, et al. - 1997
119	IRM enforcement of Java stack inspection - Erlingsson, Schneider - 2000
105	The typed access matrix model - Sandhu - 1992
96	B.: Confined types - Vitek, Bokowski - 1999
89	Access control based on execution history - Abadi, Fournet - 2003
87	Encapsulating objects with confined types - Grothoff, Palsberg, et al.
83	Stack inspection: theory and variants - Fournet, Gordon - 2003
79	A language-based approach to security - Schneider, Morrisett, et al. - 2000
66	A linear time algorithm for deciding subject security - Lipton, Snyder - 1977
65	A systematic approach to static access control - Pottier, Skalka, et al. - 2005
63	Implementing Protection Domains in the Java Development Kit 1.2 - Gong, Schemers - 1998
61	A secure identity-based capability system - Gong - 1989
59	History-based access control for mobile code - Edjlali, Acharya, et al. - 1999
51	SAFKASI: A security mechanism for language-based systems - Wallach, Appel, et al. - 2000
51	The schematic protection model: Its definition and analysis for acyclic attenuating schemes - Sandhu - 1988
40	ECMA-335: Common Language Infrastructure. ECMA International, 2002. [HM01] Pieter H. Hartel and Luc Moreau. Formalizing the safety - Standard
36	The Confused Deputy (or why capabilities might have been invented - HARDY - 1988
31	A Language Extension for Expressing Constraints on Data Access - Jones, Liskov - 1978
30	Capabilities for Sharing: A Generalization of Uniqueness and Read-Only - Boyland, Noble, et al. - 2001
30	Lightweight confinement for featherweight Java - Zhao, Palsber, et al. - 2003
27	Cooperation of mutually suspicious subsystems in a computer utility - Schroeder - 1972
25	A state-transition model of trust management and access control - Chander, Mitchell, et al. - 2006
23	A security kernel based on the lambdacalculus - Rees - 1996
22	Constrained Delegations - Bandmann, Dam, et al. - 2002
18	Capability myths demolished - Miller, Yee, et al. - 2003
17	Type-based confinement - Zhao, Palsberg, et al. - 2006
17	Composable encapsulation policies - Schärli, Ducasse, et al. - 2004
15	Thorsten von Eicken. Implementing multiple protection domains in java - Howblitzel, Chang, et al. - 1998
15	On mutually-exclusive roles and separation of duty - Li, Bizri, et al.
13	Object-oriented Encapsulation for Dynamically Typed Languages - SCHÄRLI, BLACK, et al.
11	A fine-grained, controllable, user-to-user delegation method in RBAC - Wainer, Kumar
10	Static use-based object confinement - Skalka, Smith - 2005
8	The emerald programming language REPORT - Hutchinson, Raj, et al. - 1987
5	Capabilities as alias control: Secure cooperation in dynamically extensible systems - Fong, Zhang - 2004
1	D.: The Java Programming Language. 3rd edn - Arnold, Gosling, et al. - 2000
1	Reasoning about safety properties in a JVM-like environment - Fong - 2006
1	M.: Inside Java 2 Platform Security. 2nd edn - Gong, Ellison, et al. - 2003