Journal ArticleDOI
The protection of information in computer systems
Jerome H. Saltzer,Michael D. Schroeder +1 more
- Vol. 63, Iss: 9, pp 1278-1308
Reads0
Chats0
TLDR
In this article, the authors explore the mechanics of protecting computer-stored information from unauthorized use or modification, focusing on those architectural structures-whether hardware or software-that are necessary to support information protection.Abstract:
This tutorial paper explores the mechanics of protecting computer-stored information from unauthorized use or modification. It concentrates on those architectural structures-whether hardware or software-that are necessary to support information protection. The paper develops in three main sections. Section I describes desired functions, design principles, and examples of elementary protection and authentication mechanisms. Any reader familiar with computers should find the first section to be reasonably accessible. Section II requires some familiarity with descriptor-based computer architecture. It examines in depth the principles of modern protection architectures and the relation between capability systems and access control list systems, and ends with a brief analysts of protected subsystems and protected objects. The reader who is dismayed by either the prerequisites or the level of detail in the second section may wish to skip to Section III, which reviews the state of the art and current research projects and provides suggestions for further reading.read more
Citations
More filters
Journal ArticleDOI
Language-based information-flow security
Andrei Sabelfeld,Andrew C. Myers +1 more
TL;DR: A structured view of research on information-flow security is given, particularly focusing on work that uses static program analysis to enforce information- flow policies, and some important open challenges are identified.
Journal ArticleDOI
Distributed computing in practice: the Condor experience
TL;DR: The history and philosophy of the Condor project is provided and how it has interacted with other projects and evolved along with the field of distributed computing is described.
Journal ArticleDOI
Enforceable security policies
TL;DR: A precise characterization is given for the class of security policies enforceable with mechanisms that work by monitoring system execution, and automata are introduced for specifying exactly that class ofSecurity policies.
Proceedings ArticleDOI
An updated performance comparison of virtual machines and Linux containers
TL;DR: This paper explores the performance of traditional virtual machine (VM) deployments, and contrast them with the use of Linux containers, using KVM as a representative hypervisor and Docker as a container manager.
Proceedings ArticleDOI
Secure Control: Towards Survivable Cyber-Physical Systems
TL;DR: This position paper identifies and defines the problem of secure control, investigates the defenses that information security and control theory can provide, and proposes a set of challenges that need to be addressed to improve the survivability of cyber-physical systems.
References
More filters
Journal ArticleDOI
Communication theory of secrecy systems
TL;DR: A theory of secrecy systems is developed on a theoretical level and is intended to complement the treatment found in standard works on cryptography.
Journal ArticleDOI
A note on the confinement problem
TL;DR: A set of examples attempts to stake out the boundaries of the problem by defining a program during its execution so that it cannot transmit information to any other program except its caller.
Journal ArticleDOI
Formal requirements for virtualizable third generation architectures
TL;DR: A model of a third-generation-like computer system is developed and formal techniques are used to derive precise sufficient conditions to test whether such an architecture can support virtual machines.
Related Papers (5)
Role-based access control models
A Comparison of Commercial and Military Computer Security Policies
David D. Clark,David R. Wilson +1 more