- 1.A. Alexandrov, M. Ibel, K. Schauser, and C. Scheiman. Extending the operating system at the user level: the Ufo global file system. In Proceedings of the 1997 USENIX Annual Technical Conference, 1997.]] Google ScholarDigital Library
- 2.B. Bershad, S. Savage, P. Pardyak, E. Sirer, D. Becker, M. Fiuczynski, C. Chambers, and S. Eggers. Extensibility, safety and performance in the spin operating system. In Proc of the 15th A CM Symposium on Operating System Principles, pages 267-84, 1995.]] Google ScholarDigital Library
- 3.M. Blaze, J. Feigenbaum, and J. Lacy. Decentralized trust management. In Proc of the 17th Symposium on Security and Privacy, pages 164-73, 1996.]] Google ScholarDigital Library
- 4.D. Brewer and M. Nash. The Chinese Wall Security Policy. In Proceedings of the 1989 IEEE Symposium on Security and Privacy, 1989.]]Google ScholarCross Ref
- 5.C. Chambers, S. Eggers, J. Auslander, M. Philipose, M. Mock, and P. Pardy~. Automatic dynamic compilation support for event dispatching in extensible systems. in Workshop on Compiler Support for Systems Software, 1996.]]Google Scholar
- 6.B. Christiansen, P. Cappello, M. Ionescu, M. Neary, K. Schauser, and D. Wu. Javelin: Internet-based parallel computing using Java. In Proceedings of the 1997 A CM Workshop on Java for Science and Engineering Computation, 1997.]]Google ScholarCross Ref
- 7.G. Edjlali, A. Acharya, and V. Chaudhary. Historybased access control for mobile code. Technical report, University of California, Santa Barbara, 1997.]] Google ScholarDigital Library
- 8.It. Englander. Developing Java Beans. O'Reilly & Associates, 1997.]] Google ScholarDigital Library
- 9.J. Fritzinger and M. Mueller. Java security. Technical report, Sun Microsystems, Inc, 1996.]]Google Scholar
- 10.T. Gamble. Implementing execution controls in Unix. In Proceedings of the 7th System Administration Conference, pages 237-42, 1993.]] Google ScholarDigital Library
- 11.I. Goldberg, D. Wagner, R. Thomas, and E. Brewer. A secure environment for untrusted helper applications: confining the wily hacker. In Proceedings of the 1996 USENIX Security Symposium, 1996.]] Google ScholarDigital Library
- 12.L. Gong. New security architectural directions for Java. In Proceedings of IEEE COMPCON'9?, 1997.]] Google ScholarDigital Library
- 13.C. Gunter and T. Jim. Design of an application-level security infrastructure. In DIMACS Workshop on Design and Formal Verification of Security Protocols, 1997.]]Google Scholar
- 14.The HashJava code obfuscator. Available from 4thPass Software,810 32nd Avenue South, Seattle, WA 981444.]]Google Scholar
- 15.J. Hollingsworth, B. Miller, and J. Cargille. Dynamic program instrumentation for scalable performance tools. In SHPCC, 1994.]]Google ScholarCross Ref
- 16.J. Hollingsworth and E. Miller. Using content-derived names for caching and software distribution. In Proceedings of the 1997 ACm Symposium on Software Reusability, 1997.]] Google ScholarDigital Library
- 17.C. Horstmann and G. CorneU. Core Java 1.i, volume I - Fundamentals. Sun Microsystems Press, third edition, 1997.]]Google Scholar
- 18.T. Jaeger, A. Prakash, and A. Rubin. Building systems that flexibly control downloaded executable context. In Proc of the 6th Useniz Security Symposium, 1996.]] Google ScholarDigital Library
- 19.S. Jajodia, P. Samarati, V. Subrahmanian, and E. Bertino. A unified framework for enforcing multiple access control policies. In Proc. AGM SIGMOD Int'l. Conf. on Management of Data, pages 474-85, 1997.]] Google ScholarDigital Library
- 20.The JavaCC parser generator. Available from Sun Microsystems Inc. 901 San Antonio Road, Palo Alto, CA 94303 USA5.]]Google Scholar
- 21.The 3aWavedit Audio File Editor. Available from Florian Bomers' web site6.]]Google Scholar
- 22.The Jeevan object-oriented database. Available from W3apps inc., Ft. Lauderdale, Floridar.]]Google Scholar
- 23.The JLex lexical analyzer generator. Available from the Department of Computer Science, Princeton University8.]]Google Scholar
- 24.M. Jones. Interposition agents: Transparently interposing user code at the system interface. In Proceedings of the iSth A CM Symposium on Operating System Principles, 1993.]] Google ScholarDigital Library
- 25.P. Karger. Limiting the damage potential of the discretionary trojan home. In Proceedings of the 1987 IEEE Syposium on Research in Security and Privacy, 1987.]]Google Scholar
- 26.M. King. Identifying and controlling undesirable program behaviors. In Proceedings of the i4th National Computer Security Conference, 1992.]]Google Scholar
- 27.C. Ko, G. Fink, and K. Levitt. Automated detection of vulnerabilities in privileged prograrn.q by execution monitoring. In Proceedings. l Oth Annual Computer Security Applications Conference, pages 134--44, 1994.]]Google ScholarCross Ref
- 28.N. Lai and T. Gray. Strengthening discretionary access controls to inhibit trojan homes and computer viruses. In Proceedings of the 1988 USENIX Summer Symposium, 1988.]]Google Scholar
- 29.N. Mehta and K. Sollins. Extending and expanding the security features of Java. In Proceedings of the 1998 USENIX Security Symposium, 1998.]] Google ScholarDigital Library
- 30.Microsoft Corporation. Proposal for Authenticating Code Via the Internet, Apr 1996. http ://wwto. microsoft, eom/intdev/s eeurity/autheode.]]Google Scholar
- 31.1~. Rivest. The MD5 message-digest algorithm. RFC 1321, Network Working Group, 1992.]] Google ScholarDigital Library
- 32.J. Saltzer and M. Sehroeder. The protection of information in computer systems. Proceedings of the IEEE, 63(9):1278-1308, Sep 1975.]]Google Scholar
- 33.It. Scheifler and J. Gettys. X Window System : The Complete Reference to Xlib, X Protocol, Ieccm, Xlfd. Butterworth-Heinemann, 1992.]] Google ScholarDigital Library
- 34.Secure hash standard. Federal Information Processing Standards Publication, FIPS, PUB 180-1, April 1995.]]Google Scholar
- 35.1%. Simon and M. Zurko. Separation of duty in rolebased environments. In Proceedings of the IEEE Computer Security Foundations Workshop '97, 1997.]] Google ScholarDigital Library
- 36.The Spaniel News Server. Available from Spaniel Software9.]]Google Scholar
- 37.V. Varadharajau and P. Allen. Joint actions based authorization schemes. Operating Systems Review, 30(3):32-45, 1996.]] Google ScholarDigital Library
- 38.D. Wallach, D. Balfanz, D. Dean, and E. Felten. Extensible security architecture for Java. In SOSP 16, 1997.]] Google ScholarDigital Library
- 39.D. Wichers, D. Cook, 1~. Olsson, J. Crossley, P. Kerchen, K. Levitt, and 1%. Lo. PACL's: an access control list approach to anti-viral security. In USENIX Workshop Proceedings. UNIX SECURITY II, pages 71- 82, 1990.]]Google Scholar
- 40.The WingDis Editor. Available from WingSoft Corporation, P.O.Box 7554, Fremont, CA 94537~~.]]Google Scholar
Index Terms
- History-based access control for mobile code
Recommendations
Configuring role-based access control to enforce mandatory and discretionary access control policies
Access control models have traditionally included mandatory access control (or lattice-based access control) and discretionary access control. Subsequently, role-based access control has been introduced, along with claims that its mechanisms are general ...
Role-Based Access Control Models
Since the 1970s, computer systems have featured multiple applications and served multiple users, leading to heightened awareness of data security issues. System administrators and software developers focused on different kinds of access control to ...
Delegation in role-based access control
User delegation is a mechanism for assigning access rights available to one user to another user. A delegation can either be a grant or transfer operation. Existing work on delegation in the context of role-based access control models has extensively ...
Comments