{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,4]],"date-time":"2024-09-04T23:34:40Z","timestamp":1725492880914},"publisher-location":"Berlin, Heidelberg","reference-count":49,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783540661306"},{"type":"electronic","value":"9783540487494"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[1999]]},"DOI":"10.1007\/3-540-48749-2_14","type":"book-chapter","created":{"date-parts":[[2007,10,19]],"date-time":"2007-10-19T08:22:57Z","timestamp":1192782177000},"page":"289-316","source":"Crossref","is-referenced-by-count":4,"title":["Access Control in Configurable Systems"],"prefix":"10.1007","author":[{"given":"Trent","family":"Jaeger","sequence":"first","affiliation":[]}],"member":"297","reference":[{"key":"14_CR1","series-title":"Technical Report","doi-asserted-by":"crossref","DOI":"10.21236\/AD0772806","volume-title":"Computer security technology planning study","author":"J. P. Anderson","year":"1972","unstructured":"J. P. Anderson. Computer security technology planning study. Technical Report ESD-TR-73-51, James P. Anderson and Co., Fort Washington, PA, USA, 1972."},{"doi-asserted-by":"crossref","unstructured":"L. Badger, D. F. Sterne, D. L. Sherman, K. M. Walker, and S. A. Haghighat. Practical domain and type enforcement for UNIX. In IEEE Symposium on Security and Privacy, pages 66\u201377, 1995.","key":"14_CR2","DOI":"10.1109\/SECPRI.1995.398923"},{"doi-asserted-by":"crossref","unstructured":"D. E. Bell and L. J. LaPadula. Secure computer system: Unified exposition and Multics interpretation. Technical Report MTR-2997, Mitre Corporation, January 1976.","key":"14_CR3","DOI":"10.21236\/ADA023588"},{"doi-asserted-by":"crossref","unstructured":"B. N. Bershad, S. Savage, P. Pardyak, E. G. Sirer, M. E. Fiuczynski, D. Becker, C. Chambers, and S. Eggers. Extensibility, safety, and performance in the SPIN operating system. In Proceedings of the 15th Symposium on Operating Systems Principles, pages 267\u2013284, 1995.","key":"14_CR4","DOI":"10.1145\/224056.224077"},{"doi-asserted-by":"crossref","unstructured":"E. Bertino, E. Ferrari, and V. Atluri. A flexible model for the specification and enforcement of role-based authorizations in workflow management systems. In Proceedings of the Second ACM Role-Based Access Control Workshop, November 1997.","key":"14_CR5","DOI":"10.1145\/266741.266746"},{"issue":"2","key":"14_CR6","first-page":"131","volume":"9","author":"M. Bishop","year":"1996","unstructured":"M. Bishop and M. Dilger. Checking for race conditions in file accesses. Computing Systems, 9(2):131\u2013152, 1996.","journal-title":"Computing Systems"},{"unstructured":"W. E. Boebert and R. Y. Kain. A practical alternative to hierarchical integrity policies. In Proceedings of the 8th National Computer Security Conference, pages 18\u201327, 1985.","key":"14_CR7"},{"doi-asserted-by":"crossref","unstructured":"D. F. C. Brewer and M. J. Nash. The Chinese Wall security policy. In Proceedings of IEEE Symposium on Security and Privacy, pages 206\u2013214, 1989.","key":"14_CR8","DOI":"10.1109\/SECPRI.1989.36295"},{"issue":"4","key":"14_CR9","doi-asserted-by":"publisher","first-page":"271","DOI":"10.1145\/195792.195795","volume":"12","author":"J. S. Chase","year":"1994","unstructured":"J. S. Chase, H. M. Levy, M. J. Feeley, and E. D. Lazowska. Sharing and protection in a single-address-space operating system. ACM Transactions on Computer Systems, 12(4):271\u2013307, November 1994.","journal-title":"ACM Transactions on Computer Systems"},{"issue":"3","key":"14_CR10","doi-asserted-by":"publisher","first-page":"143","DOI":"10.1145\/365230.365252","volume":"9","author":"J. B. Dennis","year":"1966","unstructured":"J. B. Dennis and E. C. Van Horn. Programming semantics for multiprogrammed computations. Communications of the ACM, 9(3):143\u2013155, March 1966.","journal-title":"Communications of the ACM"},{"unstructured":"S. Dorward, R. Pike, and P. Winterbottom. Inferno: la commedia interattiva, 1996. Available from inferno.bell-labs.com.","key":"14_CR11"},{"doi-asserted-by":"crossref","unstructured":"D. Engler, F. Kaashoek, and J. O\u2019Toole. Exokernel: An operating system architecture for application level resource management. In Proceedings of the 15th Symposium on Operating Systems Principles, pages 251\u2013266, December 1995.","key":"14_CR12","DOI":"10.1145\/224057.224076"},{"doi-asserted-by":"crossref","unstructured":"J. G. Mitchell et al. An overview of the Spring system. In Proceedings of Compcon, February 1994.","key":"14_CR13","DOI":"10.1109\/CMPCON.1994.282935"},{"doi-asserted-by":"crossref","unstructured":"B. Ford, G. Back, G. Benson, J. Lepreau, A. Lin, and O. Shivers. The Flux OSKit: A substrate for kernel and language research. In Proceedings of the 16th Symposium on Operating Systems Principles, pages 38\u201351, 1997.","key":"14_CR14","DOI":"10.1145\/268998.266642"},{"doi-asserted-by":"crossref","unstructured":"L. Giuri and P. Iglio. Role templates for content-based access control. In Proceedings of the Second ACM Role-Based Access Control Workshop, November 1997.","key":"14_CR15","DOI":"10.1145\/266741.266773"},{"doi-asserted-by":"crossref","unstructured":"Y. Goldberg, M. Safran, and E. Shapiro. Active Mail \u2014 a framework for implementing groupware. In CSCW 92 Proceedings, pages 75\u201383, 1992.","key":"14_CR16","DOI":"10.1145\/143457.143464"},{"issue":"3","key":"14_CR17","doi-asserted-by":"publisher","first-page":"14","DOI":"10.1109\/40.591650","volume":"17","author":"L. Gong","year":"1997","unstructured":"L. Gong. Java security: present and near future. IEEE Micro, 17(3):14\u201319, 1997.","journal-title":"IEEE Micro"},{"unstructured":"L. Gong, M. Mueller, H. Prefullchandra, and R. Schemers. An overview of the new security architecture in the Java Development Kit 1.2. In Proceedings of the USENIX Symposium on Internet Technologies and Systems, pages 103\u2013112, December 1997.","key":"14_CR18"},{"unstructured":"Object Management Group. Security service specification. In CORBAservices: Common Object Services Specification, chapter 15. November 1997. Available from http:\/\/www.omg.org .","key":"14_CR19"},{"doi-asserted-by":"crossref","unstructured":"T. Jaeger, K. Elphinstone, J. Liedtke, V. Panteleenko, and Y. Park. Flexible access control using IPC redirection. In Proceedings of the 7th Workshop on Hot Topics in Operating Systems, 1999. To appear.","key":"14_CR20","DOI":"10.1109\/HOTOS.1999.798399"},{"unstructured":"T. Jaeger, J. Liedtke, and N. Islam. Operating system protection for fine-grained programs. In Proceedings of the 7th USENIX Security Symposium, pages 143\u2013156, January 1998.","key":"14_CR21"},{"doi-asserted-by":"crossref","unstructured":"T. Jaeger and A. Prakash. Support for the file system security requirements of computational e-mail systems. In Proceedings of the 2nd ACM Conference on Computer and Communications Security, pages 1\u20139, 1994.","key":"14_CR22","DOI":"10.1145\/191177.191179"},{"doi-asserted-by":"crossref","unstructured":"T. Jaeger, A. Prakash, J. Liedtke, and N. Islam. Flexible control of downloaded executable content. ACM Transactions on Information System Security, May 1999. To appear.","key":"14_CR23","DOI":"10.1145\/317087.317091"},{"doi-asserted-by":"crossref","unstructured":"T. Jaeger, A. Rubin, and A. Prakash. Building systems that flexibly control downloaded executable content. In Proceedings of the 6th USENIX Security Symposium, pages 131\u2013148, July 1996.","key":"14_CR24","DOI":"10.1109\/IWOOOS.1996.557855"},{"doi-asserted-by":"crossref","unstructured":"G. Karjoth. Authorization in CORBA security. In Proceedings of ESORICS\u2019 98, 1998.","key":"14_CR25","DOI":"10.1007\/BFb0055861"},{"issue":"2","key":"14_CR26","first-page":"135","volume":"6","author":"M. Knister","year":"1993","unstructured":"M. Knister and A. Prakash. Issues in the design of a toolkit for supporting multiple group editors. Computing Systems, 6(2):135\u2013166, 1993.","journal-title":"Computing Systems"},{"issue":"1","key":"14_CR27","doi-asserted-by":"publisher","first-page":"18","DOI":"10.1145\/775265.775268","volume":"8","author":"B. Lampson","year":"1974","unstructured":"B. Lampson. Protection. ACM Operating Systems Review, 8(1):18\u201324, January 1974.","journal-title":"ACM Operating Systems Review"},{"doi-asserted-by":"crossref","unstructured":"J. Liedtke. Clans & chiefs. In Architektur von Rechensystemen. Springer-Verlag, March 1992. In English.","key":"14_CR28","DOI":"10.1007\/978-3-642-77422-5_25"},{"doi-asserted-by":"crossref","unstructured":"J. Liedtke. Improving IPC by kernel design. In Proceedings of the 14th Symposium on Operating Systems Principles, pages 175\u2013187, 1993.","key":"14_CR29","DOI":"10.1145\/168619.168633"},{"doi-asserted-by":"crossref","unstructured":"J. Liedtke, N. Islam, and T. Jaeger. Preventing denial-of-service attacks on a \u03bc-kernel for WebOSes. In Proceedings of the Sixth Workshop on Hot Topics in Operating Systems, pages 73\u201379, May 1997.","key":"14_CR30","DOI":"10.1109\/HOTOS.1997.595186"},{"doi-asserted-by":"crossref","unstructured":"E. C. Lupu and M. Sloman. Reconciling role-based management and role-based access control. In Proceedings of the Second ACM Role-Based Access Control Workshop, November 1997.","key":"14_CR31","DOI":"10.1145\/266741.266770"},{"unstructured":"S. D. Majewski. Distributed programming: Agentware\/ componentware\/ distributed objects. Available at http:\/\/minsky.med.virginia.edu\/sdm7g\/Projects\/Python\/SafePython.html .","key":"14_CR32"},{"unstructured":"S. E. Minear. Providing policy control over object operations in a Mach-based system. In Proceedings of the 5th USENIX Security Symposium, 1995.","key":"14_CR33"},{"unstructured":"N. H. Minsky and V. Ungureanu. Unified support for heterogenous security policies in distributed systems. In Proceedings of the 7th USENIX Security Symposium, pages 131\u2013142, January 1998.","key":"14_CR34"},{"doi-asserted-by":"crossref","unstructured":"J. K. Ousterhout, J. Y. Levy, and B. B. Welch. The Safe-Tcl security model. In Proceedings of the 23rd USENIX Annual Technical Conference, 1998.","key":"14_CR35","DOI":"10.1007\/3-540-68671-1_12"},{"issue":"8","key":"14_CR36","doi-asserted-by":"publisher","first-page":"896","DOI":"10.1109\/12.2242","volume":"37","author":"R. Rashid","year":"1988","unstructured":"R. Rashid, A. Tevanian Jr., M. Young, D. Golub, D. Baron, D. Black, W. J. Bolosky, and J. Chew. Machine-independent virtual memory management for paged uniprocessor and multiprocessor architectures. IEEE Transactions on Computers, 37(8):896\u2013908, August 1988.","journal-title":"IEEE Transactions on Computers"},{"issue":"9","key":"14_CR37","doi-asserted-by":"publisher","first-page":"1278","DOI":"10.1109\/PROC.1975.9939","volume":"63","author":"J. H. Saltzer","year":"1975","unstructured":"J. H. Saltzer and M. D. Schroeder. The protection of information in computer systems. Proceedings of the IEEE, 63(9):1278\u20131308, September 1975.","journal-title":"Proceedings of the IEEE"},{"doi-asserted-by":"crossref","unstructured":"R. Sandhu. Rationale for the RBAC96 family of access control models. In Proceedings of the 1st Workshop on Role-Based Access Control, 1995.","key":"14_CR38","DOI":"10.1145\/270152.270167"},{"doi-asserted-by":"crossref","unstructured":"R. Sandhu. Role activation hierarchies. In Proceedings of the Third Workshop on Role-Based Access Control, 1998.","key":"14_CR39","DOI":"10.1145\/286884.286891"},{"doi-asserted-by":"crossref","unstructured":"R. S. Sandhu, V. Bhamidipati, E. Coyne, S. Ganta, and C. Youman. The ARBAC97 model for role-based administration of roles: preliminary description and outline. In Proceedings of the Second Workshop on Role-Based Access Control, pages 41\u201350, 1997.","key":"14_CR40","DOI":"10.1145\/266741.266752"},{"issue":"2","key":"14_CR41","doi-asserted-by":"crossref","first-page":"38","DOI":"10.1109\/2.485845","volume":"29","author":"R. S. Sandhu","year":"1996","unstructured":"R. S. Sandhu, E. J. Coyne, H. L. Feinstein, and C. E. Youman. Role-based access control models. IEEE Computer, 29(2):38\u201347, February 1996.","journal-title":"IEEE Computer"},{"doi-asserted-by":"crossref","unstructured":"M. I. Seltzer, Y. Endo, C. Small, and K. A. Smith. Dealing with disaster: Surviving misbehaved kernel extensions. In Proceedings of the 2nd Conference on Operating Systems Design and Implementation, pages 213\u2013227, 1996.","key":"14_CR42","DOI":"10.1145\/238721.238779"},{"unstructured":"D. Thomsen, D. O\u2019Brien, and J. Bogle. Role based access control framework for network enterprises. In Proceedings of the Fourteenth Computer Security Applications Conference, 1998.","key":"14_CR43"},{"doi-asserted-by":"crossref","unstructured":"J. Vochteloo, K. Elphinstone, S. Russell, and G. Heiser. Protection domain extensions in Mungi. In Proceedings of the Fifth International Workshop on Object Orientation in Operating Systems, pages 161\u2013165, October 1996.","key":"14_CR44","DOI":"10.1109\/IWOOOS.1996.557913"},{"unstructured":"D. S. Wallach and E. W. Felten. Understanding Java stack introspection. In Proceedings of IEEE Symposium on Security and Privacy, 1998.","key":"14_CR45"},{"doi-asserted-by":"crossref","unstructured":"P. Wayner. Agents Unleashed. AP Professional, 1995.","key":"14_CR46","DOI":"10.1016\/B978-0-12-738765-9.50020-4"},{"unstructured":"M. V. Wilkes and R. M. Needham. The Cambridge CAP Computer and Its Operating System. North Holland, 1979.","key":"14_CR47"},{"issue":"6","key":"14_CR48","doi-asserted-by":"publisher","first-page":"337","DOI":"10.1145\/355616.364017","volume":"17","author":"W. Wulf","year":"1974","unstructured":"W. Wulf, E. Cohen, W. Corwin, A. Jones, R. Levin, C. Pierson, and F. Pollack. HYDRA: The kernel of a multiprocessor operating system. Communications of the ACM, 17(6):337\u2013345, June 1974.","journal-title":"Communications of the ACM"},{"doi-asserted-by":"crossref","unstructured":"M. E. Zurko and R. Simon. User-centered security. In Proceedings of the 1996 New Security Paradigms Workshop, 1996.","key":"14_CR49","DOI":"10.1145\/304851.304859"}],"container-title":["Lecture Notes in Computer Science","Secure Internet Programming"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/3-540-48749-2_14","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,3]],"date-time":"2019-05-03T17:37:16Z","timestamp":1556905036000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/3-540-48749-2_14"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[1999]]},"ISBN":["9783540661306","9783540487494"],"references-count":49,"URL":"https:\/\/doi.org\/10.1007\/3-540-48749-2_14","relation":{},"ISSN":["0302-9743"],"issn-type":[{"type":"print","value":"0302-9743"}],"subject":[],"published":{"date-parts":[[1999]]}}}