{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,8]],"date-time":"2024-09-08T17:55:04Z","timestamp":1725818104505},"publisher-location":"Cham","reference-count":23,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319156170"},{"type":"electronic","value":"9783319156187"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2015]]},"DOI":"10.1007\/978-3-319-15618-7_14","type":"book-chapter","created":{"date-parts":[[2015,2,26]],"date-time":"2015-02-26T20:10:31Z","timestamp":1424981431000},"page":"178-195","source":"Crossref","is-referenced-by-count":6,"title":["Producing Hook Placements to Enforce Expected Access Control Policies"],"prefix":"10.1007","author":[{"given":"Divya","family":"Muthukumaran","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Nirupama","family":"Talele","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Trent","family":"Jaeger","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Gang","family":"Tan","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"14_CR1","unstructured":"F.38. sepgsql (2013), \n                    \n                      http:\/\/www.postgresql.org\/docs\/9.1\/static\/sepgsql.html"},{"key":"14_CR2","doi-asserted-by":"crossref","unstructured":"Anderson, J.P.: Computer security technology planning study, volume II. Technical Report ESD-TR-73-51, HQ Electronics Systems Division (AFSC) (October 1972)","DOI":"10.21236\/AD0772806"},{"key":"14_CR3","doi-asserted-by":"crossref","unstructured":"Bell, D.E., LaPadula, L.J.: Secure computer system: Unified exposition and Multics interpretation. Technical Report ESD-TR-75-306, HQ Electronic Systems Division (AFSC) (March 1976)","DOI":"10.21236\/ADA023588"},{"key":"14_CR4","unstructured":"Carter, J.: Using GConf as an Example of How to Create an Userspace Object Manager. In: 2007 SELinux Symposium (2007)"},{"key":"14_CR5","unstructured":"Walsh, D.: Selinux\/apache, \n                    \n                      http:\/\/fedoraproject.org\/wiki\/SELinux\/apache"},{"key":"14_CR6","doi-asserted-by":"crossref","unstructured":"Edwards, A., Jaeger, T., Zhang, X.: Runtime verification of authorization hook placement for the Linux security modules framework. In: Proceedings of the 9th ACM Conference on Computer and Communications Security, pp. 225\u2013234 (2002)","DOI":"10.1145\/586139.586141"},{"key":"14_CR7","doi-asserted-by":"crossref","unstructured":"Ganapathy, V., Jaeger, T., Jha, S.: Automatic placement of authorization hooks in the Linux Security Modules framework. In: Proceedings of the 12th ACM Conference on Computer and Communications Security, pp. 330\u2013339 ( November 2005)","DOI":"10.1145\/1102120.1102164"},{"key":"14_CR8","doi-asserted-by":"crossref","unstructured":"Ganapathy, V., Jaeger, T., Jha, S.: Retrofitting legacy code for authorization policy enforcement. In: Proceedings of the 2006 IEEE Symposium on Security and Privacy, pp. 214\u2013229 (May 2006)","DOI":"10.1109\/SP.2006.34"},{"key":"14_CR9","doi-asserted-by":"crossref","unstructured":"Ganapathy, V., King, D., Jaeger, T., Jha, S.: Mining security-sensitive operations in legacy code using concept analysis. In: Proceedings of the 29th International Conference on Software Engineering (ICSE) (May 2007)","DOI":"10.1109\/ICSE.2007.54"},{"key":"14_CR10","unstructured":"Gong, L., Schemers, R.: Implementing protection domains in the javatm development kit 1.2. In: NDSS (1998)"},{"key":"14_CR11","unstructured":"Love, R.: Get on the D-BUS (January 2005), \n                    \n                      http:\/\/www.linuxjournal.com\/article\/7744"},{"key":"14_CR12","unstructured":"Multilevel security in the department of defense: The basics (1995), \n                    \n                      http:\/\/nsi.org\/Library\/Compsec\/sec0.html"},{"key":"14_CR13","doi-asserted-by":"crossref","unstructured":"Muthukumaran, D., Jaeger, T., Ganapathy, V.: Leveraging \u201cchoice\u201d to automate authorization hook placement. In: CCS 2012: Proceedings of the 19th ACM Conference on Computer and Communications Security, page TBD. ACM Press (October 2012)","DOI":"10.1145\/2382196.2382215"},{"key":"14_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"213","DOI":"10.1007\/3-540-45937-5_16","volume-title":"Compiler Construction","author":"G.C. Necula","year":"2002","unstructured":"Necula, G.C., McPeak, S., Rahul, S.P., Weimer, W.: Cil: Intermediate language and tools for analysis and transformation of c programs. In: Nigel Horspool, R. (ed.) CC 2002. LNCS, vol.\u00a02304, pp. 213\u2013228. Springer, Heidelberg (2002)"},{"key":"14_CR15","unstructured":"Politz, J.G., Eliopoulos, S.A., Guha, A., Krishnamurthi, S.: Adsafety: type-based verification of javascript sandboxing. In: Proceedings of the 20th USENIX Conference on Security, SEC 2011, p. 12. USENIX Association (2011)"},{"key":"14_CR16","unstructured":"SE-PostgreSQL? (2009), http:\/\/archives.postgresql.org\/message-id\/20090718160600.GE5172@fetter.org"},{"key":"14_CR17","doi-asserted-by":"crossref","unstructured":"Son, S., McKinley, K.S., Shmatikov, V.: Rolecast: finding missing security checks when you do not know what checks are. In: Proceedings of the 2011 ACM International Conference on Object Oriented Programming Systems Languages and Applications, OOPSLA 2011, pp. 1069\u20131084. ACM (2011)","DOI":"10.1145\/2048066.2048146"},{"key":"14_CR18","unstructured":"Sun, F., Xu, L., Su, Z.: Static detection of access control vulnerabilities in web applications. In: Proceedings of the 20th USENIX Conference on Security, SEC 2011, p. 11. USENIX Association (2011)"},{"key":"14_CR19","unstructured":"Tan, L., Zhang, X., Ma, X., Xiong, W., Zhou, Y.: Autoises: automatically inferring security specifications and detecting violations. In: Proceedings of the 17th Conference on Security Symposium, pp. 379\u2013394. USENIX Association (2008)"},{"key":"14_CR20","unstructured":"Implement keyboard and event security in X using XACE (2006), \n                    \n                      https:\/\/dev.laptop.org\/ticket\/260"},{"key":"14_CR21","unstructured":"Implement keyboard and event security in X using XACE (2006), \n                    \n                      https:\/\/dev.laptop.org\/ticket\/260"},{"key":"14_CR22","unstructured":"Xorg-Server Announcement (2008), \n                    \n                      http:\/\/lists.x.org\/archives\/xorg-announce\/2008-March\/000458.html"},{"key":"14_CR23","unstructured":"Zhang, X., Edwards, A., Jaeger, T.: Using CQUAL for static analysis of authorization hook placement. In: Proceedings of the 11th USENIX Security Symposium, pp. 33\u201348 (August 2002)"}],"container-title":["Lecture Notes in Computer Science","Engineering Secure Software and Systems"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-15618-7_14","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,29]],"date-time":"2019-05-29T07:30:09Z","timestamp":1559115009000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-15618-7_14"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015]]},"ISBN":["9783319156170","9783319156187"],"references-count":23,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-15618-7_14","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2015]]}}}