A policy language for the extended reference monitor in trusted operating systems

Hyung Chan Kim, R. S. Ramakrishna, Wook Shin, Koiuchi Sakurai

研究成果: 著書/レポートタイプへの貢献会議での発言

1 引用 (Scopus)

抜粋

The main focus of current research in Trusted Operating Systems (TOS) is on the enhanced access control of reference monitors which, in turn, control the individual operations on a given access instance. However, many real-life runtime attacks involve behavioral semantics. We have proposed an extended reference monitor to support both access and behavior controls. This results in a sequence of operations which are also of concern in security enforcement. This paper presents a policy language for the extended reference monitor. Our policy language is based on Domain and Type Enforcement (DTE) and Role-Based Access Control (RBAC). Permission is defined as an event and a state of behavior is represented as a fluent to be accorded with the convention of Event Calculus (EC). Behavior policies can be expressed with the EC style syntax as well as access control policies.

元の言語英語
ホスト出版物のタイトルProceedings - The Second International Conference on Availability, Reliability and Security, ARES 2007
ページ1160-1166
ページ数7
DOI
出版物ステータス出版済み - 8 29 2007
イベント2nd International Conference on Availability, Reliability and Security, ARES 2007 - Vienna, オーストラリア
継続期間: 4 10 20074 13 2007

出版物シリーズ

名前Proceedings - Second International Conference on Availability, Reliability and Security, ARES 2007

その他

その他2nd International Conference on Availability, Reliability and Security, ARES 2007
オーストラリア
Vienna
期間4/10/074/13/07

All Science Journal Classification (ASJC) codes

  • Information Systems
  • Electrical and Electronic Engineering
  • Safety, Risk, Reliability and Quality

フィンガープリント A policy language for the extended reference monitor in trusted operating systems' の研究トピックを掘り下げます。これらはともに一意のフィンガープリントを構成します。

  • これを引用

    Kim, H. C., Ramakrishna, R. S., Shin, W., & Sakurai, K. (2007). A policy language for the extended reference monitor in trusted operating systems. : Proceedings - The Second International Conference on Availability, Reliability and Security, ARES 2007 (pp. 1160-1166). [4159922] (Proceedings - Second International Conference on Availability, Reliability and Security, ARES 2007). https://doi.org/10.1109/ARES.2007.14