{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,4]],"date-time":"2024-09-04T23:17:41Z","timestamp":1725491861048},"publisher-location":"Berlin, Heidelberg","reference-count":28,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783540756507"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"DOI":"10.1007\/978-3-540-75651-4_15","type":"book-chapter","created":{"date-parts":[[2007,9,21]],"date-time":"2007-09-21T07:01:07Z","timestamp":1190358067000},"page":"214-229","source":"Crossref","is-referenced-by-count":0,"title":["Enforcement of Integrated Security Policy in Trusted Operating Systems"],"prefix":"10.1007","author":[{"given":"Hyung Chan","family":"Kim","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"R. S.","family":"Ramakrishna","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Wook","family":"Shin","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Kouichi","family":"Sakurai","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"15_CR1","unstructured":"Alphe One. Smashing the stack for fun and profit. Phrack Magazine 7 (49), File 14 of 16 (1996)"},{"key":"15_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"235","DOI":"10.1007\/11689522_22","volume-title":"Information Security Practice and Experience","author":"H.C. Kim","year":"2006","unstructured":"Kim, H.C., Shin, W., Ramakrishna, R.S., Sakurai, K.: Design and implementation of an extended reference monitor for trusted operating systems. In: Chen, K., Deng, R., Lai, X., Zhou, J. (eds.) ISPEC 2006. LNCS, vol.\u00a03903, pp. 235\u2013247. Springer, Heidelberg (2006)"},{"issue":"3","key":"15_CR3","doi-asserted-by":"publisher","first-page":"619","DOI":"10.1093\/ietisy\/e88-d.3.619","volume":"E88-D","author":"W. Shin","year":"2005","unstructured":"Shin, W., Park, J.Y., Lee, D.I.: Extended role based access control with procedural constraints for trusted operating systems. IEICE Trans. Inf. & Syst.\u00a0E88-D(3), 619\u2013627 (2005)","journal-title":"IEICE Trans. Inf. & Syst."},{"key":"15_CR4","unstructured":"Lowery, J.C.: A Tour of TOCTTOUs. SANS GSEC practical v.1.4b (August 2002)"},{"key":"15_CR5","unstructured":"Badger, L., Sterne, D.F., Sherman, D.L., Walker, K.M., Haghighat, S.A.: A domain and type enforcement unix prototype. In: Proc. of the 5th USENIX UNIX Security Symposium (1995)"},{"issue":"2","key":"15_CR6","doi-asserted-by":"crossref","first-page":"38","DOI":"10.1109\/2.485845","volume":"29","author":"R.S. Sandhu","year":"1996","unstructured":"Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Chandramouli, R.: Role-based access control models. IEEE Comput.\u00a029(2), 38\u201347 (1996)","journal-title":"IEEE Comput."},{"key":"15_CR7","series-title":"Lecture Notes in Artificial Intelligence","doi-asserted-by":"publisher","first-page":"452","DOI":"10.1007\/3-540-45632-5_17","volume-title":"Computational Logic: Logic Programming and Beyond","author":"R. Miller","year":"2002","unstructured":"Miller, R., Shanahan, M.: Some Alternative Formulations of the Event Calculus. In: Kakas, A.C., Sadri, F. (eds.) Computational Logic: Logic Programming and Beyond. LNCS (LNAI), vol.\u00a02408, pp. 452\u2013490. Springer, Heidelberg (2002)"},{"key":"15_CR8","unstructured":"Kim, H.C., et al.: On the privilege transitional attack in secure operating systems. In: CSS 2004. Proc. of Computer Security Symposium 2004, vol.\u00a0II, pp. 559\u2013564 (2004)"},{"key":"15_CR9","unstructured":"Loscocco, P., Smalley, S.: Integrating flexible support for security policies into the linux operating system. In: USENIX Annual Tech. Conf. (2001)"},{"key":"15_CR10","unstructured":"Abrams, M.D., LaPadula, L.J., Eggers, K.W., Olson, I.M.: A generalized framework for access control: An informal description. In: Proc. of the 13th Nat\u2019l Comput. Sec. Conf. pp. 135\u2013143 (1990)"},{"key":"15_CR11","unstructured":"Spencer, R., Smalley, S., Loscocco, P., Hibler, M., Andersen, D., Lepreau, J.: The flask security architecture: system support for diverse security policies. In: Proc. of The 8th USENIX Sec. Symp. pp. 123\u2013139 (1999)"},{"key":"15_CR12","unstructured":"Wright, C., Cowan, C., Morris, J., Smalley, S., KroahHartman, G.: Linux Security Modules: General Security Support for the Linux Kernel. In: Proc. of USENIX Security Symposium (2002)"},{"key":"15_CR13","unstructured":"Ott, A.: The rule set based access control linux kernel security extension. In: Int\u2019l Linux Kongress 2001 (2001), \n \n http:\/\/www.rsbac.org"},{"key":"15_CR14","unstructured":"Spengler, B.: Increasing performance and granularity in role-based access control systems (A case study in Grsecurity), \n \n http:\/\/www.grsecurity.net\/"},{"issue":"1","key":"15_CR15","doi-asserted-by":"publisher","first-page":"36","DOI":"10.1145\/504909.504911","volume":"5","author":"M. Bernaschi","year":"2002","unstructured":"Bernaschi, M., Gabrielli, E., Mancini, L.V.: REMUS: A security-enhanced operating system. ACM Trans. on Inf. & Syst. Sec.\u00a05(1), 36\u201361 (2002)","journal-title":"ACM Trans. on Inf. & Syst. Sec."},{"issue":"1","key":"15_CR16","doi-asserted-by":"publisher","first-page":"30","DOI":"10.1145\/353323.353382","volume":"3","author":"F.B. Schneider","year":"2000","unstructured":"Schneider, F.B.: Enforceable security policies. ACM Trans. on Inf. & Syst. Sec.\u00a03(1), 30\u201350 (2000)","journal-title":"ACM Trans. on Inf. & Syst. Sec."},{"key":"15_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"291","DOI":"10.1007\/978-3-540-39650-5_17","volume-title":"Computer Security \u2013 ESORICS 2003","author":"J. Zimmermann","year":"2003","unstructured":"Zimmermann, J., M\u00e9, L., Bidan, C.: An improved reference flow control model for policy-based intrusion detection. In: Snekkenes, E., Gollmann, D. (eds.) ESORICS 2003. LNCS, vol.\u00a02808, pp. 291\u2013308. Springer, Heidelberg (2003)"},{"key":"15_CR18","unstructured":"Linux intrusion detection system, \n \n http:\/\/www.lids.org\/"},{"issue":"2","key":"15_CR19","doi-asserted-by":"publisher","first-page":"173","DOI":"10.1145\/762476.762477","volume":"6","author":"S.N. Chari","year":"2003","unstructured":"Chari, S.N., Cheng, P.: BlueBox: A policy-driven, host-based intrusion detection system. ACM Trans. on Inf. & Syst. Sec.\u00a06(2), 173\u2013200 (2003)","journal-title":"ACM Trans. on Inf. & Syst. Sec."},{"key":"15_CR20","unstructured":"Sekar, R., Bowen, T., Segal, M.: On preventing intrusions by process behavior monitoring. In: Proc. of Workshop on Intrusion Detection and Network Monitoring, pp. 29\u201340 (1999)"},{"key":"15_CR21","doi-asserted-by":"crossref","unstructured":"Erlingsson, U., Schenider, F.B.: SASI enforcement of security policies: a retrospective. In: Proc. of the New Security Paradigm Workshop, pp. 87\u201395 (1999)","DOI":"10.1109\/DISCEX.2000.821527"},{"key":"15_CR22","series-title":"Lecture Notes in Artificial Intelligence","doi-asserted-by":"publisher","first-page":"1300","DOI":"10.1007\/3-540-44957-4_87","volume-title":"Computational Logic - CL 2000","author":"S. Baker","year":"2000","unstructured":"Baker, S.: Data protection by logic programming. In: Palamidessi, C., Moniz Pereira, L., Lloyd, J.W., Dahl, V., Furbach, U., Kerber, M., Lau, K.-K., Sagiv, Y., Stuckey, P.J. (eds.) CL 2000. LNCS (LNAI), vol.\u00a01861, pp. 1300\u20131314. Springer, Heidelberg (2000)"},{"key":"15_CR23","doi-asserted-by":"crossref","unstructured":"Efstratiou, C., Friday, A., Davies, N., Cheverst, K.: Utilising the event calculus for policy driven adaptation on mobile systems. In:(Policy 2002) Proc. of the 3rd Int\u2019l Workshop on Policies for Distributed Systems and Networks (2002)","DOI":"10.1109\/POLICY.2002.1011289"},{"key":"15_CR24","doi-asserted-by":"crossref","unstructured":"Bandara, A.K., Lupu, E.C., Russo, A.: Using event calculus to formalise policy specification and analysis. In:(Policy 2003). Proc. of the 4th Int\u2019l Workshop on Policies for Distributed Systems and Networks (2003)","DOI":"10.1109\/POLICY.2003.1206955"},{"key":"15_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"460","DOI":"10.1007\/11560326_40","volume-title":"Computer Network Security","author":"A. Tishkov","year":"2005","unstructured":"Tishkov, A., Kotenko, I., Sidelnikova, E.: Security checker architecture for policy-based security management. In: Gorodetsky, V., Kotenko, I., Skormin, V.A. (eds.) MMM-ACNS 2005. LNCS, vol.\u00a03685, pp. 460\u2013465. Springer, Heidelberg (2005)"},{"issue":"2","key":"15_CR26","doi-asserted-by":"publisher","first-page":"175","DOI":"10.1145\/996943.996944","volume":"7","author":"T. Jaeger","year":"2004","unstructured":"Jaeger, T., Edwards, A., Zhang, X.: Consistency analysis of authorization hook placement in the linux security modules framework. ACM Trans. on Info. and Syst. Sec.\u00a07(2), 175\u2013205 (2004)","journal-title":"ACM Trans. on Info. and Syst. Sec."},{"key":"15_CR27","unstructured":"UnixBench, \n \n http:\/\/www.tux.org\/pub\/tux\/benchmarks\/System\/unixbench\/"},{"key":"15_CR28","unstructured":"PLY, \n \n http:\/\/www.dabeaz.com\/ply\/"}],"container-title":["Lecture Notes in Computer Science","Advances in Information and Computer Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-540-75651-4_15.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,4,27]],"date-time":"2021-04-27T10:26:38Z","timestamp":1619519198000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-540-75651-4_15"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[null]]},"ISBN":["9783540756507"],"references-count":28,"URL":"https:\/\/doi.org\/10.1007\/978-3-540-75651-4_15","relation":{},"subject":[]}}