A policy language for the extended reference monitor in trusted operating systems

Hyung Chan Kim, R. S. Ramakrishna, Wook Shin, Koiuchi Sakurai

研究成果: Chapter in Book/Report/Conference proceedingConference contribution

1 被引用数 (Scopus)

抄録

The main focus of current research in Trusted Operating Systems (TOS) is on the enhanced access control of reference monitors which, in turn, control the individual operations on a given access instance. However, many real-life runtime attacks involve behavioral semantics. We have proposed an extended reference monitor to support both access and behavior controls. This results in a sequence of operations which are also of concern in security enforcement. This paper presents a policy language for the extended reference monitor. Our policy language is based on Domain and Type Enforcement (DTE) and Role-Based Access Control (RBAC). Permission is defined as an event and a state of behavior is represented as a fluent to be accorded with the convention of Event Calculus (EC). Behavior policies can be expressed with the EC style syntax as well as access control policies.

本文言語英語
ホスト出版物のタイトルProceedings - The Second International Conference on Availability, Reliability and Security, ARES 2007
ページ1160-1166
ページ数7
DOI
出版ステータス出版済み - 8 29 2007
イベント2nd International Conference on Availability, Reliability and Security, ARES 2007 - Vienna, オーストラリア
継続期間: 4 10 20074 13 2007

出版物シリーズ

名前Proceedings - Second International Conference on Availability, Reliability and Security, ARES 2007

その他

その他2nd International Conference on Availability, Reliability and Security, ARES 2007
国/地域オーストラリア
CityVienna
Period4/10/074/13/07

All Science Journal Classification (ASJC) codes

  • 情報システム
  • 電子工学および電気工学
  • 安全性、リスク、信頼性、品質管理

フィンガープリント

「A policy language for the extended reference monitor in trusted operating systems」の研究トピックを掘り下げます。これらがまとまってユニークなフィンガープリントを構成します。

引用スタイル