Abstract
The design of a protection system for an operating system is seen to involve satisfying the competing properties of richness and integrity. Achieving both requires the interplay of analysis and synthesis. Using a formal model from the literature, three designs are developed whose integrity (with the help of the model) can be shown.
- 1 A. K. Jones, R. J. Lipton, and L. Snyder. A linear time algorithm for deciding security. Proceedings of the 17th FOCS (1976).
- 2 R. J. Lipton and L. Snyder. A linear time algorithm for deciding subject security. JACM 24:3 (1977).
- 3 M. A. Harrison, W. L. Ruzzo, and J. D. Ullman. Protection in operating systems. CACM 19:8 (1976).
On the synthesis and analysis of protection systems
SOSP '77: Proceedings of the sixth ACM symposium on Operating systems principles