{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,8]],"date-time":"2024-09-08T00:27:21Z","timestamp":1725755241264},"publisher-location":"Berlin, Heidelberg","reference-count":27,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642417160"},{"type":"electronic","value":"9783642417177"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2013]]},"DOI":"10.1007\/978-3-642-41717-7_4","type":"book-chapter","created":{"date-parts":[[2013,11,5]],"date-time":"2013-11-05T06:40:29Z","timestamp":1383633629000},"page":"19-27","source":"Crossref","is-referenced-by-count":0,"title":["Towards a Theory of Application Compartmentalisation"],"prefix":"10.1007","author":[{"given":"Robert N. M.","family":"Watson","sequence":"first","affiliation":[]},{"given":"Steven J.","family":"Murdoch","sequence":"additional","affiliation":[]},{"given":"Khilan","family":"Gudka","sequence":"additional","affiliation":[]},{"given":"Jonathan","family":"Anderson","sequence":"additional","affiliation":[]},{"given":"Peter G.","family":"Neumann","sequence":"additional","affiliation":[]},{"given":"Ben","family":"Laurie","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"4_CR1","unstructured":"Accetta, M., Baron, R., Golub, D., Rashid, R., Tevanian, A., Young, M.: Mach: A New Kernel Foundation for UNIX Development. Tech. rep., Computer Science Department, Carnegie Mellon University (August 1986)"},{"key":"4_CR2","unstructured":"Anderson, J.P.: Computer Security Technology Planning Study. Tech. rep., Electronic Systems Division, Air Force Systems Command, Hanscom Field, Bedford, MA 01730 (October 1972)"},{"key":"4_CR3","unstructured":"Andronick, J., Greenaway, D., Elphinstone, K.: Towards proving security in the presence of large untrusted components. 
In: Proceedings of the 5th Workshop on Systems Software Verification (October 2010)"},{"key":"4_CR4","unstructured":"Bittau, A., Marchenko, P., Handley, M., Karp, B.: Wedge: Splitting Applications into Reduced-Privilege Compartments. In: Proceedings of the 5th USENIX Symposium on Networked Systems Design and Implementation, pp. 309\u2013322. USENIX Association (2008)"},{"key":"4_CR5","unstructured":"Boebert, W.E., Kain, R.Y.: A practical alternative to hierarchical integrity policies. In: Proceedings of the 8th National Computer Security Conference (1985)"},{"key":"4_CR6","first-page":"5","volume-title":"Proceedings of the 13th Conference on USENIX Security Symposium, SSYM 2004","author":"D. Brumley","year":"2004","unstructured":"Brumley, D., Song, D.: Privtrans: automatically partitioning programs for privilege separation. In: Proceedings of the 13th Conference on USENIX Security Symposium, SSYM 2004, vol.\u00a013, p. 5. USENIX Association, Berkeley (2004)"},{"issue":"3","key":"4_CR7","doi-asserted-by":"publisher","first-page":"143","DOI":"10.1145\/365230.365252","volume":"9","author":"J.B. Dennis","year":"1966","unstructured":"Dennis, J.B., Van Horn, E.C.: Programming semantics for multiprogrammed computations. Commun. ACM\u00a09(3), 143\u2013155 (1966)","journal-title":"Commun. ACM"},{"key":"4_CR8","doi-asserted-by":"crossref","unstructured":"Gudka, K., Watson, R.N.M., Hand, S., Laurie, B., Madhavapeddy, A.: Exploring compartmentalisation hypotheses with SOAAP. In: Proceedings of the Workshop on Adaptive Host and Network Security (AHANS 2012). IEEE (September 2012)","DOI":"10.1109\/SASOW.2012.14"},{"key":"4_CR9","unstructured":"Harris, W.R., Farley, B., Jha, S., Reps, T.: Secure Programming as a Parity Game. Tech. Rep. 1694, University of Wisconsin Madison (July 2011)"},{"key":"4_CR10","doi-asserted-by":"crossref","unstructured":"Karger, P.A.: Limiting the damage potential of discretionary trojan horses. In: IEEE Symposium on Security and Privacy, pp. 
32\u201337 (1987)","DOI":"10.1109\/SP.1987.10011"},{"key":"4_CR11","unstructured":"Kilpatrick, D.P.: A Library for Partitioning Applications. In: Proceedings of USENIX Annual Technical Conference, pp. 273\u2013284. USENIX Association (2003)"},{"key":"4_CR12","doi-asserted-by":"publisher","first-page":"107","DOI":"10.1145\/1743546.1743574","volume":"53","author":"G. Klein","year":"2009","unstructured":"Klein, G., Andronick, J., Elphinstone, K., Heiser, G., Cock, D., Derrin, P., Elkaduwe, D., Engelhardt, K., Kolanski, R., Norrish, M., Sewell, T., Tuch, H., Winwood, S.: seL4: formal verification of an operating-system kernel. Commun. ACM\u00a053, 107\u2013115 (2009)","journal-title":"Commun. ACM"},{"issue":"3","key":"4_CR13","doi-asserted-by":"publisher","first-page":"382","DOI":"10.1145\/357172.357176","volume":"4","author":"L. Lamport","year":"1982","unstructured":"Lamport, L., Shostak, R., Pease, M.: The Byzantine generals problem. ACM Transactions on Programming Languages and Systems\u00a04(3), 382\u2013401 (1982)","journal-title":"ACM Transactions on Programming Languages and Systems"},{"key":"4_CR14","first-page":"132","volume-title":"SOSP 1975: Proceedings of the Fifth ACM Symposium on Operating Systems Principles","author":"R. Levin","year":"1975","unstructured":"Levin, R., Cohen, E., Corwin, W., Pollack, F., Wulf, W.: Policy\/mechanism separation in Hydra. In: SOSP 1975: Proceedings of the Fifth ACM Symposium on Operating Systems Principles, pp. 132\u2013140. ACM, New York (1975)"},{"key":"4_CR15","doi-asserted-by":"publisher","first-page":"973","DOI":"10.1145\/1500175.1500361","volume-title":"AFIPS 1974: Proceedings of the National Computer Conference and Exposition","author":"S.B. Lipner","year":"1974","unstructured":"Lipner, S.B., Wulf, W.A., Schell, R.R., Popek, G.J., Neumann, P.G., Weissman, C., Linden, T.A.: Security kernels. In: AFIPS 1974: Proceedings of the National Computer Conference and Exposition, May 6-10, pp. 973\u2013980. 
ACM, New York (1974)"},{"key":"4_CR16","unstructured":"Loscocco, P.A., Smalley, S.D.: Integrating Flexible Support for Security Policies into the Linux Operating System. In: Proceedings of the USENIX Annual Technical Conference, pp. 29\u201342. USENIX Association (June 2001)"},{"key":"4_CR17","unstructured":"Mettler, A., Wagner, D., Close, T.: Joe-E: A Security-Oriented Subset of Java. In: Proceedings of the Network and Distributed System Security Symposium, NDSS 2010 (February 2010)"},{"key":"4_CR18","unstructured":"Miller, M.S., Samuel, M., Laurie, B., Awad, I., Stay, M.: Caja: Safe active content in sanitized javascript (May 2008), \n                  \n                    http:\/\/google-caja.googlecode.com\/files\/caja-spec-2008-06-07.pdf"},{"key":"4_CR19","unstructured":"Neumann, P.G.: Principled assuredly trustworthy composable architectures. Tech. rep., Computer Science Laboratory, SRI International, Menlo Park (December 2004)"},{"key":"4_CR20","unstructured":"Neumann, P.G., Boyer, R.S., Feiertag, R.J., Levitt, K.N., Robinson, L.: A Provably Secure Operating System: The System, Its Applications, and Proofs, Second Edition. Tech. Rep. CSL-116, Computer Science Laboratory, SRI International (May 1980)"},{"key":"4_CR21","first-page":"16","volume-title":"Proceedings of the 12th Conference on USENIX Security Symposium SSYM 2003","author":"N. Provos","year":"2003","unstructured":"Provos, N., Friedl, M., Honeyman, P.: Preventing privilege escalation. In: Proceedings of the 12th Conference on USENIX Security Symposium SSYM 2003, vol.\u00a012, p. 16. USENIX Association, Berkeley (2003)"},{"key":"4_CR22","first-page":"219","volume-title":"EuroSys 2009: Proceedings of the 4th ACM European Conference on Computer Systems","author":"C. Reis","year":"2009","unstructured":"Reis, C., Gribble, S.D.: Isolating web programs in modern browser architectures. In: EuroSys 2009: Proceedings of the 4th ACM European Conference on Computer Systems, pp. 219\u2013232. 
ACM, New York (2009)"},{"key":"4_CR23","doi-asserted-by":"crossref","unstructured":"Robertson, P., Laddaga, R.: Adaptive security and trust. In: Proceedings of the Workshop on Adaptive Host and Network Security. IEEE (September 2012)","DOI":"10.1109\/SASOW.2012.18"},{"key":"4_CR24","volume-title":"SOSP 1973: Proceedings of the fourth ACM Symposium on Operating System Principles","author":"J.H. Saltzer","year":"1973","unstructured":"Saltzer, J.H.: Protection and control of information sharing in Multics. In: SOSP 1973: Proceedings of the fourth ACM Symposium on Operating System Principles. ACM, New York (1973)"},{"issue":"9","key":"4_CR25","doi-asserted-by":"publisher","first-page":"1278","DOI":"10.1109\/PROC.1975.9939","volume":"63","author":"J.H. Saltzer","year":"1975","unstructured":"Saltzer, J.H., Schroeder, M.D.: The protection of information in computer systems. Proceedings of the IEEE\u00a063(9), 1278\u20131308 (1975)","journal-title":"Proceedings of the IEEE"},{"key":"4_CR26","volume-title":"Proceedings of the 19th USENIX Security Symposium","author":"R.N.M. Watson","year":"2010","unstructured":"Watson, R.N.M., Anderson, J., Laurie, B., Kennaway, K.: Capsicum: Practical capabilities for UNIX. In: Proceedings of the 19th USENIX Security Symposium. USENIX Association, Berkeley (2010)"},{"key":"4_CR27","volume-title":"Computer and Its Operating System","author":"M. Wilkes","year":"1979","unstructured":"Wilkes, M., Needham, R., The Cambridge, C.A.P.: Computer and Its Operating System. 
Elsevier North Holland, New York (1979)"}],"container-title":["Lecture Notes in Computer Science","Security Protocols XXI"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-41717-7_4","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,24]],"date-time":"2019-05-24T02:50:21Z","timestamp":1558666221000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-41717-7_4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2013]]},"ISBN":["9783642417160","9783642417177"],"references-count":27,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-41717-7_4","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2013]]}}}