Home

About

Advanced Search

Browse by Discipline

Scientific Societies

E-print Alerts

Add E-prints

E-print Network
FAQHELPSITE MAPCONTACT US


  Advanced Search  

 
The Flask Security Architecture: System Support for Diverse Security Policies Ray Spencer Secure Computing Corporation
 

Summary: The Flask Security Architecture: System Support for Diverse Security Policies
Ray Spencer Secure Computing Corporation
Stephen Smalley, Peter Loscocco National Security Agency
Mike Hibler, David Andersen, Jay Lepreau University of Utah
http://www.cs.utah.edu/flux/flask/
Abstract
Operating systems must be flexible in their support
for security policies, providing sufficient mechanisms for
supporting the wide variety of real­world security poli­
cies. Such flexibility requires controlling the propaga­
tion of access rights, enforcing fine­grained access rights
and supporting the revocation of previously granted ac­
cess rights. Previous systems are lacking in at least one
of these areas. In this paper we present an operating
system security architecture that solves these problems.
Control over propagation is provided by ensuring that
the security policy is consulted for every security deci­
sion. This control is achieved without significant perfor­
mance degradation through the use of a security decision
caching mechanism that ensures a consistent view of pol­

  

Source: Andersen, Dave - School of Computer Science, Carnegie Mellon University
Utah, University of - School of Computing, Flux Research Group

 

Collections: Computer Technologies and Information Sciences