Richard A. Kemmerer
- 1 LAMPSON, B.W. A note on the confinement problem. Commun. ACM 16, 10 (Oct. 1973), 613- 615. Google Scholar
- 2 WALKER, B.J. KEMMERER, R.A., AND POPEK, G.J. Specification and verification of the UCLA Unix Security Kernel. Commun. ACM 23, 2 (Feb. 1980), 118-131. Google Scholar
- 3 LIPNER, S.B. A comment on the confinement problem. In Proc. 5th Syrup. Operating Systems Principles. (Austin, Tex., Nov. 19-21), ACM, New York, 1975. Google Scholar
- 4 MILLEN, J.K. Security kernel validation in practice. Commun. ACM 19, 5 (May 1976), 243-250. Google Scholar
- 5 SCHAEFER, M., GOLD, B., LINDE, R., AND SCHEID, J. Program confinement in KVM/370. In Proc. 1977 Ann. ACM Conf., (Seattle, Wash., Oct.), ACM, New York, 1977, pp. 404-410. Google Scholar
- 6 AMES, S.R., AND MILLEN, J.K. Interface verification for a security kernel. In System Reliability and Integrity, vol. 2, Infotech State of the Art Rep., INFOTECH Int., Ltd., Maidenhead, Berkshire, UK, 1978.Google Scholar
- 7 KLINE, C.S. Data security: Security, protection, confinement, covert channels, validation. Ph.D dissertation, Computer Science Dept., Univ. of California, Los Angeles, 1980.Google Scholar
- 8 MILLEN, J.K., HUFF, G.A., AND GASSER, M. Flow table generator. MITRE Working Paper, WP- 22554, The MITRE Corp., Bedford, Mass., Nov. 1979.Google Scholar
- 9 FEIERTAG, R.J. A technique for proving specifications are multilevel secure. CSL-109, SRI International, Menlo Park, Calif., Jan. 1980.Google Scholar
- 10 GROSSMAN, G.R. A practical executive for secure communications. In Proc. 1982 Syrup. Security and Privacy, (Oakland, Calif., April 26-28, 1982). IEEE, New York, pp. 144-155.Google Scholar
- 11 BELL, D.E., AND LAPADULA, L.J. Secure computer systems. ESD-TR-73-278, vols. 1-3, The MITRE Corp., Bedford, Mass., June 1974.Google Scholar
- 12 KEMMERER, R.A. Shared resource matrix methodology: A practical approach to identifying covert channels. Rep. TRCS81-10, Computer Science Dept., Univ. of California, Santa Barbara, Nov. 1981.Google Scholar
- 13 LOCASSO, R., SCHEID, J., SCHORRE, V., AND EGGERT, P. The Ina Jo Specification Language Reference Manual. SDC Document TM-6889/000/01, System Development Corp., Santa Monica, Calif., Nov. 1980.Google Scholar
- 14 DENNING, D.E. A lattice model of secure information flow. Cornmun. ACM 19, 5 (May 1976), 238-243. Google Scholar
Index Terms
- Shared resource matrix methodology: an approach to identifying storage and timing channels
Recommendations
On Characterizing and Measuring Out-of-Band Covert Channels
IH&MMSec '15: Proceedings of the 3rd ACM Workshop on Information Hiding and Multimedia SecurityA methodology for characterizing and measuring out-of-band covert channels (OOB-CCs) is proposed and used to evaluate covert-acoustic channels (i.e., covert channels established using speakers and microphones). OOB-CCs are low-probability of detection/...
openwifi CSI fuzzer for authorized sensing and covert channels
WiSec '21: Proceedings of the 14th ACM Conference on Security and Privacy in Wireless and Mobile NetworksCSI (Channel State Information) of WiFi systems contains the environment channel response between the transmitter and the receiver, so the people/objects and their movement in between can be sensed. To get CSI, the receiver performs channel estimation ...
Language-based control and mitigation of timing channels
PLDI '12: Proceedings of the 33rd ACM SIGPLAN Conference on Programming Language Design and ImplementationWe propose a new language-based approach to mitigating timing channels. In this language, well-typed programs provably leak only a bounded amount of information over time through external timing channels. By incorporating mechanisms for predictive ...
Comments