{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,5]],"date-time":"2024-09-05T19:56:46Z","timestamp":1725566206133},"publisher-location":"Berlin, Heidelberg","reference-count":39,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783540232087"},{"type":"electronic","value":"9783540301448"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2004]]},"DOI":"10.1007\/978-3-540-30144-8_20","type":"book-chapter","created":{"date-parts":[[2010,9,19]],"date-time":"2010-09-19T00:34:45Z","timestamp":1284856485000},"page":"231-244","source":"Crossref","is-referenced-by-count":3,"title":["A Distributed High Assurance Reference Monitor"],"prefix":"10.1007","author":[{"given":"Ajay","family":"Chander","sequence":"first","affiliation":[]},{"given":"Drew","family":"Dean","sequence":"additional","affiliation":[]},{"given":"John","family":"Mitchell","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"issue":"4","key":"20_CR1","doi-asserted-by":"publisher","first-page":"706","DOI":"10.1145\/155183.155225","volume":"15","author":"M. Abadi","year":"1993","unstructured":"Abadi, M., Burrows, M., Lampson, B., Plotkin, G.: A calculus for access control in distributed systems. TOPLAS\u00a015(4), 706\u2013734 (1993)","journal-title":"TOPLAS"},{"key":"20_CR2","unstructured":"Anderson, J.P.: Computer security technology planning study. Technical Report ESD-TR-73-51, U.S. Air Force, Electronic Systems Division, Deputy for Command and Management Systems, HQ Electronic Systems Division (AFSC), L. G. Hanscom Field, Bedford, MA 01730 USA, Volume 2, pp. 58\u201369 (October 1972)"},{"key":"20_CR3","doi-asserted-by":"crossref","unstructured":"Appel, A.W., Felten, E.W.: Proof-carrying authentication. In: ACM Conference on Computer and Communications Security, pp. 52\u201362 (1999)","DOI":"10.1145\/319709.319718"},{"key":"20_CR4","unstructured":"Bauer, L., Schneider, M.A., Felten, E.W.: A general and flexible access-control system for the web. In: Proc. of the 11th USENIX Security Symposium, San Francisco, CA (August 2002)"},{"key":"20_CR5","doi-asserted-by":"crossref","unstructured":"Berson, T.A., Barksdale, G.L.: KSOS: Development methodology for a secure operating system. In: AFIPS Conference Proc., National Computer Conference, vol.\u00a048, pp. 365\u2013371 (1979)","DOI":"10.1109\/MARK.1979.8817195"},{"key":"20_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"59","DOI":"10.1007\/3-540-49135-X_9","volume-title":"Security Protocols","author":"M. Blaze","year":"1999","unstructured":"Blaze, M., Feigenbaum, J., Keromytis, A.D.: KeyNote: Trust management for public-key infrastructures. In: Christianson, B., Crispo, B., Harbison, W.S., Roe, M. (eds.) Security Protocols 1998. LNCS, vol.\u00a01550, pp. 59\u201363. Springer, Heidelberg (1999)"},{"key":"20_CR7","doi-asserted-by":"crossref","unstructured":"Blaze, M., Feigenbaum, J., Lacy, J.: Decentralized trust management. In: Proc. of the 1996 IEEE Symposium on Research in Security and Privacy, Oakland, CA, May 1996, pp. 164\u2013173 (1996)","DOI":"10.1109\/SECPRI.1996.502679"},{"key":"20_CR8","doi-asserted-by":"crossref","unstructured":"Boebert, W.E., Kain, R.Y., Young, W.D., Hansohn, S.A.: Secure Ada target: Issues, system design, and verification. In: Proc. of the 1985 IEEE Symposium on Security and Privacy, Oakland, CA, May 1985, pp. 176\u2013190 (1985)","DOI":"10.1109\/SP.1985.10022"},{"key":"20_CR9","doi-asserted-by":"crossref","unstructured":"Chander, A., Dean, D., Mitchell, J.: A state-transition model of trust management and access control. In: Proc. of the 14th IEEE Computer Security Foundations Workshop, June 2001, pp. 27\u201343 (2001)","DOI":"10.1109\/CSFW.2001.930134"},{"issue":"1","key":"20_CR10","doi-asserted-by":"crossref","first-page":"131","DOI":"10.3233\/JCS-2004-12106","volume":"12","author":"A. Chander","year":"2004","unstructured":"Chander, A., Dean, D., Mitchell, J.C.: Reconstructing trust management. Journal of Computer Security\u00a012(1), 131\u2013164 (2004)","journal-title":"Journal of Computer Security"},{"key":"20_CR11","doi-asserted-by":"crossref","unstructured":"Chen, H., Wagner, D.: MOPS: An infrastructure for examining security properties of software. In: Proc. of the 9th ACM Conference on Computer and Communication Security, Washington D.C, November 2002, pp. 235\u2013244 (2002)","DOI":"10.1145\/586110.586142"},{"key":"20_CR12","unstructured":"Chen, H., Wagner, D., Dean, D.: Setuid demystified. In: Proc. of the 11th USENIX Security Symposium, San Francisco, CA, August 2002, pp. 171\u2013190 (2002)"},{"issue":"4","key":"20_CR13","doi-asserted-by":"crossref","first-page":"285","DOI":"10.3233\/JCS-2001-9402","volume":"9","author":"D. Clarke","year":"2001","unstructured":"Clarke, D., Elien, J.-E., Ellison, C., Fredette, M., Morcos, A., Rivest, R.L.: Certificate chain discovery in SPKI\/SDSI. Journal of Computer Security\u00a09(4), 285\u2013322 (2001)","journal-title":"Journal of Computer Security"},{"key":"20_CR14","doi-asserted-by":"crossref","unstructured":"Clarke, D.E.: SPKI\/SDSI http server \/ certificate chain discovery in SPKI\/SDSI. Master\u2019s thesis, Massachusetts Institute of Technology (2001)","DOI":"10.3233\/JCS-2001-9402"},{"key":"20_CR15","doi-asserted-by":"crossref","unstructured":"Ellison, C., Frantz, B., Lampson, B., Rivest, R., Thomas, B., Ylonen, T.: SPKI certificate theory. RFC 2693 (September 1999)","DOI":"10.17487\/rfc2693"},{"key":"20_CR16","doi-asserted-by":"crossref","unstructured":"Engler, D.R., Kaashoek, M.F., O\u2019Toole Jr., J.: Exokernel: an operating system architecture for application-level resource management. In: Proc. of the 15th ACM Symposium on Operating Systems Principles (SOSP 1995), Copper Mountain, CO, December 1995, pp. 251\u2013266 (1995)","DOI":"10.1145\/224056.224076"},{"issue":"7","key":"20_CR17","doi-asserted-by":"crossref","first-page":"26","DOI":"10.1109\/MC.1983.1654440","volume":"16","author":"L.J. Fraim","year":"1983","unstructured":"Fraim, L.J.: SCOMP: A solution to the multilevel security problem. IEEE Computer\u00a016(7), 26\u201334 (1983)","journal-title":"IEEE Computer"},{"issue":"1","key":"20_CR18","doi-asserted-by":"crossref","first-page":"59","DOI":"10.1109\/TSE.1975.6312820","volume":"1","author":"D.I. Good","year":"1975","unstructured":"Good, D.I., London, R.L., Bledsoe, W.W.: An interactive program verification system. IEEE Transactions on Software Engineering\u00a01(1), 59\u201367 (1975)","journal-title":"IEEE Transactions on Software Engineering"},{"key":"20_CR19","unstructured":"Gutmann, P.: The Design and Verification of a Cryptographic Security Architecture. PhD thesis, Department of Computer Science, University of Auckland (August 2000)"},{"key":"20_CR20","doi-asserted-by":"crossref","unstructured":"Hartman, B.: A Gypsy-based kernel. In: Proc. of the 1984 IEEE Symposium on Security and Privacy, Oakland, CA, May 1984, pp. 219\u2013225 (1984)","DOI":"10.1109\/SP.1984.10004"},{"key":"20_CR21","unstructured":"Foderaro, J.: AllegroServe \u2013 A Web Application Server (Franz. Inc.), http:\/\/allegroserve.sourceforge.net\/"},{"key":"20_CR22","doi-asserted-by":"publisher","first-page":"445","DOI":"10.1016\/S0304-3975(96)00163-6","volume":"173","author":"S. Karhs","year":"1997","unstructured":"Karhs, S., Sannella, D., Tarlecki, A.: The definition of Extended ML: a gentle introduction. Theoretical Computer Science\u00a0173, 445\u2013484 (1997)","journal-title":"Theoretical Computer Science"},{"key":"20_CR23","first-page":"437","volume-title":"Proc. of the 5th Annual Princeton Conference on Information Sciences and Systems","author":"B. Lampson","year":"1971","unstructured":"Lampson, B.: Protection. In: Proc. of the 5th Annual Princeton Conference on Information Sciences and Systems, pp. 437\u2013443. Princeton University Press, Princeton (1971)"},{"issue":"1","key":"20_CR24","doi-asserted-by":"crossref","first-page":"35","DOI":"10.3233\/JCS-2003-11102","volume":"11","author":"N. Li","year":"2003","unstructured":"Li, N., Winsborough, W., Mitchell, J.C.: Distributed credential chain discovery in trust management. Journal of Computer Security\u00a011(1), 35\u201386 (2003)","journal-title":"Journal of Computer Security"},{"key":"20_CR25","unstructured":"Locasso, R., Scheid, J., Schorre, D.V., Eggert, P.R.: The Ina Jo Specification Language Reference Manual. In: System Development Corporation, Santa Monica, CA (November 1980)"},{"key":"20_CR26","doi-asserted-by":"crossref","unstructured":"Luckham, D.C., German, S.M., von Henke, F.W., Karp, R.A., Milne, P.W., Oppen, D.C., Polak, W., Scherlis, W.L.: Stanford Pascal Verifier user manual. CSD Report STAN-CS-79-731, Stanford University, Stanford, CA (March 1979)","DOI":"10.21236\/ADA071900"},{"key":"20_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"367","DOI":"10.1007\/3-540-44988-4_21","volume-title":"Application and Theory of Petri Nets 2000","author":"K.H. Mortensen","year":"2000","unstructured":"Mortensen, K.H.: Automatic code generation method based on coloured petri net models applied on an access control system. In: Nielsen, M., Simpson, D. (eds.) ICATPN 2000. LNCS, vol.\u00a01825, pp. 367\u2013386. Springer, Heidelberg (2000)"},{"key":"20_CR28","first-page":"59","volume-title":"First Workshop on Internet Server Performance","author":"D. Mosberger","year":"1998","unstructured":"Mosberger, D., Jin, T.: httperf: A tool for measuring web server performance. In: First Workshop on Internet Server Performance, June 1998, pp. 59\u201367. ACM, New York (1998)"},{"key":"20_CR29","doi-asserted-by":"crossref","unstructured":"Necula, G.C.: Proof-carrying code. In: Conference Record of POPL 1997: The 24th ACM Symposium on Principles of Programming Languages, Paris, France, January 1997, pp. 106\u2013119 (1997)","DOI":"10.1145\/263699.263712"},{"key":"20_CR30","doi-asserted-by":"publisher","first-page":"229","DOI":"10.1145\/238721.238781","volume-title":"2nd Symposium on Operating Systems Design and Implementation (OSDI 1996)","author":"G.C. Necula","year":"1996","unstructured":"Necula, G.C., Lee, P.: Safe kernel extensions without run-time checking. In: USENIX (ed.) 2nd Symposium on Operating Systems Design and Implementation (OSDI 1996), Seattle, WA, October 28\u201331, pp. 229\u2013243. USENIX, Berkeley (1996)"},{"key":"20_CR31","unstructured":"Neumann, P.G., Boyer, R.S., Feiertag, R.J., Levitt, K.N., Robinson, L.: A provably secure operating system: The system, its applications, and proofs. Technical Report CSL-116, 2nd Ed., SRI International (May 1980)"},{"key":"20_CR32","unstructured":"Owre, S., Shankar, N., Rushby, J.M., Stringer-Calvert, D.W.J.: PVS Language Reference, Version 2.3. SRI International (September 1999), http:\/\/pvs.csl.sri.com\/"},{"key":"20_CR33","series-title":"Lecture Notes in Artificial Intelligence","doi-asserted-by":"publisher","first-page":"202","DOI":"10.1007\/3-540-48660-7_14","volume-title":"Automated Deduction - CADE-16","author":"F. Pfenning","year":"1999","unstructured":"Pfenning, F., Sch\u00fcrmann, C.: System description: Twelf \u2014 A metalogical framework for deductive systems. In: Ganzinger, H. (ed.) CADE 1999. LNCS (LNAI), vol.\u00a01632, pp. 202\u2013206. Springer, Heidelberg (1999)"},{"key":"20_CR34","unstructured":"Reed, D.P.: Naming and synchronization in a decentralized computer system. Technical Report MIT\/LCS\/TR-205, Massachusetts Institute of Technology, Also Ph.D. thesis (September 1978)"},{"key":"20_CR35","unstructured":"Rescorla, E.: An introduction to OpenSSL programming, Part I. Originally appeared in the Linux Journal (2001), http:\/\/www.rtfm.com\/openssl-examples\/part1.pdf"},{"key":"20_CR36","unstructured":"Rivest, R., Lampson, B.: SDSI\u2013A Simple Distributed Security Infrastructure (October 1996), http:\/\/theory.lcs.mit.edu\/~rivest\/sdsi11.html"},{"key":"20_CR37","unstructured":"Rushby, J.: Noninterference, transitivity, and channel-control policies. Technical Report SRI-CSL-92-02, SRI International (December 1992)"},{"key":"20_CR38","unstructured":"U.S. D.O.D. Trusted Computer System Evaluation Criteria (\u2018Orange Book\u2019) (1983)"},{"key":"20_CR39","unstructured":"Vecellio, G., Thomas, W.: Issues in the assurance of component-based software. In: Proc. of the, Workshop on Continuing Collaborations for Successful COTS Development (ICSE2000), Limerick, Ireland (2000), http:\/\/wwwsel.iit.nrc.ca\/projects\/cots\/icse2000wkshp\/Papers\/14.pdf"}],"container-title":["Lecture Notes in Computer Science","Information Security"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-540-30144-8_20.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,5,3]],"date-time":"2021-05-03T03:52:28Z","timestamp":1620013948000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-540-30144-8_20"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2004]]},"ISBN":["9783540232087","9783540301448"],"references-count":39,"URL":"https:\/\/doi.org\/10.1007\/978-3-540-30144-8_20","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2004]]}}}