{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,26]],"date-time":"2025-03-26T22:52:50Z","timestamp":1743029570955,"version":"3.40.3"},"publisher-location":"Cham","reference-count":44,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319014326"},{"type":"electronic","value":"9783319014333"}],"license":[{"start":{"date-parts":[[2013,1,1]],"date-time":"2013-01-01T00:00:00Z","timestamp":1356998400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2013,1,1]],"date-time":"2013-01-01T00:00:00Z","timestamp":1356998400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2013]]},"DOI":"10.1007\/978-3-319-01433-3_7","type":"book-chapter","created":{"date-parts":[[2013,10,11]],"date-time":"2013-10-11T17:49:26Z","timestamp":1381513766000},"page":"119-133","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["The Right Files at the Right Time"],"prefix":"10.1007","author":[{"given":"Hayawardh","family":"Vijayakumar","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Trent","family":"Jaeger","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2013,9,17]]},"reference":[{"key":"7_CR1","unstructured":"Berman, A., et al.: TRON: process-specific file protection for the UNIX operating system. In: USENIX TC \u201995, Framingham (1995)"},{"key":"7_CR2","unstructured":"Goldberg, et al.: A secure environment for untrusted helper applications. In: USENIX Security\u00a0\u201996, San Jose (1996)"},{"key":"7_CR3","unstructured":"Acharya, et al.: MAPbox: using parameterized behavior classes to confine untrusted applications. In: USENIX SSYM, Denver (2000)"},{"key":"7_CR4","unstructured":"Garfinkel, et al.: Ostia: a delegating architecture for secure system call interposition. In: NDSS \u201904, San Diego (2004)"},{"issue":"2","key":"7_CR5","first-page":"131","volume":"9","author":"M. Bishop","year":"1996","unstructured":"Bishop, M., Digler, M.: Checking for race conditions in file accesses. Comput. Syst. 9(2), Spring 131\u2013152 (1996)","journal-title":"Comput. Syst."},{"key":"7_CR6","volume-title":"Raceguard: kernel protection from temporary file race vulnerabilities","author":"C. Cowan","year":"2001","unstructured":"Cowan, C., et al.: Raceguard: kernel protection from temporary file race vulnerabilities. In: USENIX Security Symposium, Washington, DC (2001)"},{"key":"7_CR7","unstructured":"Tsyrklevich, et al.: Dynamic detection and prevention of race conditions in file accesses. In: USENIX Security, Washington, DC (2003)"},{"key":"7_CR8","unstructured":"Dean, et al.: Fixing races for fun and profit. In: USENIX SSYM, San Diego (2004)"},{"key":"7_CR9","volume-title":"Portably solving file tocttou races with hardness amplification","author":"D. Tsafrir","year":"2008","unstructured":"Tsafrir, D., et al.: Portably solving file tocttou races with hardness amplification. In: USENIX FAST, San Jose (2008)"},{"key":"7_CR10","unstructured":"Chari, S., et al.: Where do you want to go today? Escalating privileges by pathname manipulation. In: NDSS \u201910, San Diego (2010)"},{"key":"7_CR11","doi-asserted-by":"crossref","unstructured":"Cai, X., et al.: Exploiting unix file-system races via algorithmic complexity attacks. In: IEEE SSP \u201909, Cardiff (2009)","DOI":"10.1109\/SP.2009.10"},{"key":"7_CR12","unstructured":"Vijayakumar, H., Schiffman, J., Jaeger, T.: Sting: finding name resolution vulnerabilities in programs. In: Proceedings of the 21st USENIX Security Symposium (USENIX Security 2012), Bellevue (2012)"},{"key":"7_CR13","unstructured":"Levy, H.M.: Capability-Based Computer Systems. Digital Press, Bedford (1984). Available at http:\/\/www.cs.washington.edu\/homes\/levy\/capabook\/"},{"key":"7_CR14","unstructured":"Provos, N.: Improving host security with system call policies. In: USENIX Security \u201903, Washington, DC. USENIX Association, Berkeley (2003)"},{"key":"7_CR15","unstructured":"AppArmor Linux application security, http:\/\/www.novell.com\/linux\/security\/apparmor\/ (2008)"},{"key":"7_CR16","unstructured":"audit2allow, http:\/\/fedoraproject.org\/wiki\/SELinux\/audit2allow (2013)"},{"key":"7_CR17","doi-asserted-by":"crossref","unstructured":"McPhee, W.S.: Operating system integrity in OS\/VS2. IBM Syst. J. 13, 230\u2013252 (1974) [Online]. Available: http:\/\/dx.doi.org\/10.1147\/sj.133.0230","DOI":"10.1147\/sj.133.0230"},{"key":"7_CR18","volume-title":"Distributed Systems","author":"R. Needham","year":"1989","unstructured":"Needham, R.: Chapter: names. In: Mullender, S. (ed) Distributed Systems. Addison-Wesley, Boston (1989)"},{"key":"7_CR19","unstructured":"Domain Names \u2013 Implementation and Specification, http:\/\/www.ietf.org\/rfc\/rfc1035.txt (1987)"},{"key":"7_CR20","doi-asserted-by":"crossref","unstructured":"Vigna, et al.: Testing network-based intrusion detection signatures using mutant exploits. In: ACM CCS, Washington, DC (2004)","DOI":"10.1145\/1030083.1030088"},{"key":"7_CR21","unstructured":"What is \u201cDeep Inspection\u201d? http:\/\/www.ranum.com\/security\/computer_security\/editorials\/deepinspect\/ (2013)"},{"key":"7_CR22","unstructured":"PHP LFI to arbitrary code execution. http:\/\/www.exploit-db.com\/download_pdf\/17010\/ (2011)"},{"key":"7_CR23","doi-asserted-by":"crossref","unstructured":"Balzarotti, et al.: Saner: composing static and dynamic analysis to validate sanitization in web applications. In: IEEE SSP, Oakland (2008)","DOI":"10.1109\/SP.2008.22"},{"key":"7_CR24","unstructured":"Wei, et al.: Tocttou vulnerabilities in unix-style file systems: an anatomical study. In: USENIX FAST \u201905, San Francisco (2005)"},{"issue":"1\u20132","key":"7_CR25","doi-asserted-by":"publisher","first-page":"105","DOI":"10.1007\/s10207-004-0068-2","volume":"4","author":"K. Suk Lhee","year":"2005","unstructured":"Suk Lhee, K., Chapin, S.J.: Detection of file-based race conditions. Int. J. Inf. Secur. 4(1\u20132), 105\u2013119 (2005)","journal-title":"Int. J. Inf. Secur."},{"key":"7_CR26","unstructured":"Borisov, et al.: Fixing races for fun and profit: how to abuse atime. In: USENIX Security \u201906, Baltimore (2005)"},{"key":"7_CR27","doi-asserted-by":"crossref","unstructured":"Sekar, R., Venkatakrishnan, V., Basu, S., Bhatkar, S., DuVarney, D.C.: Model-carrying code: a practical approach for safe execution of untrusted applications. In: Proceedings of the Nineteenth ACM Symposium on Operating Systems Principles, ser. SOSP \u201903, Bolton Landing, pp.\u00a015\u201328. ACM, New York (2003) [Online]. Available: http:\/\/doi.acm.org\/10.1145\/945445.945448","DOI":"10.1145\/1165389.945448"},{"key":"7_CR28","doi-asserted-by":"crossref","unstructured":"Li, et al.: Usable mandatory integrity protection for operating systems. In: IEEE SSP, Madison (2007)","DOI":"10.1109\/SP.2007.37"},{"key":"7_CR29","doi-asserted-by":"crossref","unstructured":"Sun, W., Sekar, R., Poothia, G., Karandikar, T.: Practical proactive integrity protection: a basis for malware defense. In: Proceedings of the 2008 IEEE Symposium on Security and Privacy, Oakland (2008)","DOI":"10.1109\/SP.2008.35"},{"key":"7_CR30","unstructured":"Shankar, U., Jaeger, T., Sailer, R.: Toward automated information-flow integrity verification for security-critical applications. In: Proceedings of the 2006 ISOC Networked and Distributed Systems Security Symposium (NDSS\u201906), San Diego (2006)"},{"key":"7_CR31","doi-asserted-by":"crossref","unstructured":"Krohn, M.N., Yip, A., Brodsky, M., Cliffer, N., Kaashoek, M.F., Kohler, E., Morris, R.: Information flow control for standard OS abstractions. In: Proceedings of the 21st ACM Symposium on Operating Systems Principles, Stevenson, pp.\u00a0321\u2013334 (2007)","DOI":"10.1145\/1323293.1294293"},{"key":"7_CR32","unstructured":"Zeldovich, N., Boyd-Wickizer, S., Kohler, E., Mazi\u00e8res, D.: Making information flow explicit in HiStar. In: Proceedings of the Seventh Symposium on Operating System Design and Implementation, Seattle, pp.\u00a0263\u2013278 (2006)"},{"key":"7_CR33","doi-asserted-by":"crossref","unstructured":"Clark, D.D., Wilson, D.: A comparison of military and commercial security policies. In: 1987 IEEE Symposium on Security and Privacy, Oakland (1987)","DOI":"10.1109\/SP.1987.10001"},{"key":"7_CR34","doi-asserted-by":"crossref","unstructured":"Harris, W., Jha, S., Reps, T.: Difc programs by automatic instrumentation. In: Proceedings of Computer and Communications Security (CCS), Chicago (2010)","DOI":"10.1145\/1866307.1866340"},{"issue":"5","key":"7_CR35","doi-asserted-by":"publisher","first-page":"236","DOI":"10.1145\/360051.360056","volume":"19","author":"D. Denning","year":"1976","unstructured":"Denning, D.: A lattice model of secure information flow. Commun. ACM 19(5), 236\u2013242 (1976)","journal-title":"Commun. ACM"},{"key":"7_CR36","doi-asserted-by":"crossref","unstructured":"Myers, A.C., Liskov, B.: A decentralized model for information flow control. In: Proceedings of the 16th ACM Symposium on Operating System Principles, Saint Malo (1997)","DOI":"10.1145\/268998.266669"},{"key":"7_CR37","volume-title":"Boniface, Jaeger, T., McDaniel, P.: From trusted to secure: building and executing applications that enforce system security","author":"S. Hicks","year":"2007","unstructured":"Hicks, S., Boniface, Jaeger, T., McDaniel, P.: From trusted to secure: building and executing applications that enforce system security. In: Proceedings of the USENIX Annual Technical Conference, Santa Clara. USENIX Association, Berkeley (2007)"},{"key":"7_CR38","doi-asserted-by":"crossref","unstructured":"Liu, J., George, M.D., Vikram, K., Qi, X., Waye, L., Myers, A.C.: Fabric: a platform for secure distributed computation and storage. In: In Proceedings ACM Symposium on Operating Systems Principles, Big Sky, pp.\u00a0321\u2013334 (2009)","DOI":"10.1145\/1629575.1629606"},{"key":"7_CR39","unstructured":"Rueda, S., King, D., Jaeger, T.: Verifying compliance of trusted programs. In: Proceedings of the 17th USENIX Security Symposium, San Jose (2008)"},{"key":"7_CR40","doi-asserted-by":"crossref","unstructured":"Bell, D.E., LaPadula, L.J.: Secure computer system: Unified exposition and Multics interpretation, Deputy for Command and Management Systems, HQ Electronic Systems Division (AFSC), L. G. Hanscom Field, Bedford, MA, Technical Report ESD-TR-75-306, March 1976, also, MITRE Technical Report MTR-2997","DOI":"10.21236\/ADA023588"},{"key":"7_CR41","unstructured":"McIlroy, D., Reeds, J.: Multilevel windows on a single-level terminal. In: Proceedings of the (First) USENIX Security Workshop, Portland (1988)"},{"key":"7_CR42","doi-asserted-by":"crossref","unstructured":"Toll, D.C., Karger, P.A., Palmer, E.R., McIntosh, S.K., Weber, S.: The caernarvon secure embedded operating system. SIGOPS Oper. Syst. Rev. 42(1), 32\u201339 (2008) [Online]. Available: http:\/\/doi.acm.org\/10.1145\/1341312.1341320","DOI":"10.1145\/1341312.1341320"},{"issue":"9","key":"7_CR43","doi-asserted-by":"publisher","first-page":"1278","DOI":"10.1109\/PROC.1975.9939","volume":"63","author":"J.H. Saltzer","year":"1975","unstructured":"Saltzer, J.H., Schroeder, M.D.: The protection of information in computer systems. Proc. IEEE 63(9), 1278\u20131308 (1975)","journal-title":"Proc. IEEE"},{"key":"7_CR44","doi-asserted-by":"crossref","unstructured":"Vijayakumar, H., Jakka, G., Rueda, S., Schiffman, J., Jaeger, T.: Integrity walls: finding attack surfaces from mandatory access control policies. In: Proceedings of the Seventh ACM Symposium on Information, Computer, and Communications Security (ASIACCS 2012), Hangzhou (2012)","DOI":"10.1145\/2414456.2414500"}],"container-title":["Automated Security Management"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-01433-3_7","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,1,19]],"date-time":"2023-01-19T13:00:47Z","timestamp":1674133247000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-319-01433-3_7"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2013]]},"ISBN":["9783319014326","9783319014333"],"references-count":44,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-01433-3_7","relation":{},"subject":[],"published":{"date-parts":[[2013]]},"assertion":[{"value":"17 September 2013","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}}]}}