{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2023,9,13]],"date-time":"2023-09-13T20:07:58Z","timestamp":1694635678081},"reference-count":70,"publisher":"Springer Science and Business Media LLC","issue":"1-2","license":[{"start":{"date-parts":[[2008,11,20]],"date-time":"2008-11-20T00:00:00Z","timestamp":1227139200000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Ann. Telecommun."],"published-print":{"date-parts":[[2009,2]]},"DOI":"10.1007\/s12243-008-0071-0","type":"journal-article","created":{"date-parts":[[2008,11,19]],"date-time":"2008-11-19T08:05:03Z","timestamp":1227081903000},"page":"121-146","source":"Crossref","is-referenced-by-count":7,"title":["A component-based policy-neutral architecture for kernel-level access control"],"prefix":"10.1007","volume":"64","author":[{"given":"Marc","family":"Lacoste","sequence":"first","affiliation":[]},{"given":"Tahar","family":"Jarboui","sequence":"additional","affiliation":[]},{"given":"Ruan","family":"He","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2008,11,20]]},"reference":[{"key":"71_CR1","unstructured":"Abrams M, Eggers K, La Padula L, Olson I (1990) A generalized framework for access control: an informal description. Proceedings of the National Computer Security Conference"},{"key":"71_CR2","doi-asserted-by":"crossref","unstructured":"Badger L, Sterne D, Sherman D, Walker K, Haghinghat S (1995) Practical domain and type enforcement for UNIX. Proceedings of the IEEE Symposium on Security and Privacy, pp 66\u201377","DOI":"10.1109\/SECPRI.1995.398923"},{"key":"71_CR3","volume-title":"Secure computer system: unified exposition and multics interpretation. Technical report no MTR-2997","author":"D Bell","year":"1975","unstructured":"Bell D, La Padula L (1975) Secure computer system: unified exposition and Multics interpretation. Technical report no MTR-2997. MITRE Corporation, Bedford, MA"},{"issue":"1","key":"71_CR4","doi-asserted-by":"crossref","first-page":"36","DOI":"10.1145\/504909.504911","volume":"5","author":"M Bernaschi","year":"2002","unstructured":"Bernaschi M, Gabrielli E, Mancini L (2002) REMUS: a security-enhanced operating system. ACM Trans Inf Syst Secur 5(1):36\u201361","journal-title":"ACM Trans Inf Syst Secur"},{"key":"71_CR5","doi-asserted-by":"crossref","unstructured":"Bershad B, Savage S, Pardyak P, Sirer E, Fiuczinski M, Becker D, Eggers S, Chambers C (1995) Extensibility, safety and performance in the SPIN operating system. Proceedings of the ACM Symposium on Operating System Principles (SOSP), pp 267\u2013283","DOI":"10.1145\/224056.224077"},{"issue":"1","key":"71_CR6","doi-asserted-by":"crossref","first-page":"71","DOI":"10.1145\/605434.605437","volume":"6","author":"E Bertino","year":"2003","unstructured":"Bertino E, Catania B, Ferrari E, Perlasca P (2003) A logical framework for reasoning about access control models. ACM Trans Inf Syst Secur 6(1):71\u2013127","journal-title":"ACM Trans Inf Syst Secur"},{"key":"71_CR7","volume-title":"Integrity considerations for secure computer systems. Technical Report no. MTR-3153","author":"K Biba","year":"1977","unstructured":"Biba K (1977) Integrity considerations for secure computer systems. Technical Report no. MTR-3153. MITRE Corporation, Bedford, MA"},{"key":"71_CR8","unstructured":"Boebert W, Kain R (1985) A practical alternative to hierarchical integrity policies. Proceedings of the National Computer Security Conference, pp 18\u201327"},{"key":"71_CR9","doi-asserted-by":"crossref","unstructured":"Brewer D, Nash M (1989) The Chinese wall security policy. Proceedings of the IEEE Symposium on Security and Privacy, pp 206\u2013214","DOI":"10.1109\/SECPRI.1989.36295"},{"key":"71_CR10","doi-asserted-by":"crossref","unstructured":"Bruneton E, Coupaye T, Leclerc M, Quema V, Stefani J-B (2006) The Fractal component model and its support in Java. Software\u2014practice and experience (SP&E). Special issue on Experiences with Auto-adaptive and Reconfigurable Systems 36(11\u201312):1257\u20131284","DOI":"10.1002\/spe.767"},{"issue":"1","key":"71_CR11","doi-asserted-by":"crossref","first-page":"107","DOI":"10.1147\/sj.421.0107","volume":"42","author":"D Chess","year":"2003","unstructured":"Chess D, Palmer C, White S (2003) Security in an autonomic computing environment. IBM Syst J 42(1):107\u2013118","journal-title":"IBM Syst J"},{"key":"71_CR12","doi-asserted-by":"crossref","unstructured":"Claudel B, De Palma N, Lachaize R, Hagimont D (2006) Self-protection for distributed component-based applications. International Symposium on Stabilization, Safety, and Security of Distributed Systems, formerly Symposium on Self-stabilizing Systems (SSS), pp 184\u2013198","DOI":"10.1007\/978-3-540-49823-0_13"},{"issue":"1","key":"71_CR13","doi-asserted-by":"crossref","first-page":"3","DOI":"10.1145\/1210263.1210265","volume":"10","author":"M Damiani","year":"2007","unstructured":"Damiani M, Bertino E, Catania B, Perlasca P (2007) GEO-RBAC: a spatially-aware RBAC. ACM Trans Inf Syst Secur 10(1):3\u201342","journal-title":"ACM Trans Inf Syst Secur"},{"key":"71_CR14","doi-asserted-by":"crossref","unstructured":"David PC, Ledoux T (2005) WildCAT: a generic framework for context-aware applications. Proceedings of the International Workshop on Middleware for Pervasive and Ad-Hoc Computing (MPAC)","DOI":"10.1145\/1101480.1101483"},{"key":"71_CR15","doi-asserted-by":"crossref","unstructured":"De Capitani Di Vimercati S, Samarati P, Jajodia S (2005) Policies, models, and languages for access control. Proceedings of the International Workshop on Databases in Networked Information Systems (DNIS), pp. 225\u2013237","DOI":"10.1007\/978-3-540-31970-2_18"},{"issue":"3","key":"71_CR16","doi-asserted-by":"crossref","first-page":"143","DOI":"10.1145\/365230.365252","volume":"9","author":"JB Dennis","year":"1966","unstructured":"Dennis JB, Van Horn E (1966) Programming semantics for multi-programmed computations. Commun ACM 9(3):143\u2013154","journal-title":"Commun ACM"},{"key":"71_CR17","doi-asserted-by":"crossref","unstructured":"Edwards A, Jaeger T, Zhang X (2002) Runtime verification of authorization hook placement for the Linux security modules framework. Proceedings of the ACM Conference on Computer and Communications Security (CCS) pp 225\u2013234","DOI":"10.1145\/586110.586141"},{"key":"71_CR18","doi-asserted-by":"crossref","unstructured":"Engler D, Kaashoek M, O\u2019Toole J (1995) Exokernel: an operating system architecture for application-level resource management. Proceedings of the ACM Symposium on Operating System Principles (SOSP) pp 251\u2013266","DOI":"10.1145\/224056.224076"},{"key":"71_CR19","unstructured":"Fassino J-P, Jarboui T, Lacoste M (2008) An access control system and method, a component-based kernel including it, and its use. US Patent Application no. 11,792,900"},{"key":"71_CR20","unstructured":"Fassino J-P, Stefani J-B, Lawall J, Muller G (2002) Think: a software framework for component-based operating system kernels. Proceedings of the USENIX Annual Technical Conference, pp 73\u201386"},{"issue":"3","key":"71_CR21","doi-asserted-by":"crossref","first-page":"224","DOI":"10.1145\/501978.501980","volume":"4","author":"D Ferraiolo","year":"2001","unstructured":"Ferraiolo D, Sandhu R, Gavrila S, Kuhn D, Chandramouli R (2001) Proposed NIST standard for role-based access control. ACM Trans Inf Syst Secur 4(3):224\u2013274","journal-title":"ACM Trans Inf Syst Secur"},{"issue":"1","key":"71_CR22","doi-asserted-by":"crossref","first-page":"5","DOI":"10.1147\/sj.421.0005","volume":"42","author":"A Ganek","year":"2003","unstructured":"Ganek A, Corbi T (2003) The dawning of the autonomic computing era. IBM Syst J 42(1):5\u201318","journal-title":"IBM Syst J"},{"issue":"5","key":"71_CR23","doi-asserted-by":"crossref","first-page":"100","DOI":"10.1109\/MCOM.2004.1299350","volume":"42","author":"N Georganopoulos","year":"2004","unstructured":"Georganopoulos N, Farnham T, Burgess R, Scholer T, Sessler J, Warr P, Golubicic Z, Platbrood F, Souville B, Buljore S (2004) Terminal-centric view of software reconfigurable system architecture and enabling components and technologies. IEEE Commun Mag 42(5):100\u2013110","journal-title":"IEEE Commun Mag"},{"key":"71_CR24","doi-asserted-by":"crossref","unstructured":"Gligor V, Gavrila S, Ferraiolo D (1998) On the formal definition of separation-of-duty policies and their composition. Proceedings of the IEEE Symposium on Security and Privacy, pp 172\u2013183","DOI":"10.1109\/SECPRI.1998.674833"},{"issue":"1","key":"71_CR25","doi-asserted-by":"crossref","first-page":"36","DOI":"10.1145\/367742.367773","volume":"19","author":"R Grimm","year":"2001","unstructured":"Grimm R, Bershad B (2001) Separating access control policy enforcement and functionality in extensible systems. ACM Trans Comput Syst 19(1):36\u201370","journal-title":"ACM Trans Comput Syst"},{"key":"71_CR26","unstructured":"Halfhill T (2003) ARM Dons Armor: TrustZone security extensions strengthen ARMv6 Architecture. Microprocessor Report, August 25th"},{"issue":"4","key":"71_CR27","doi-asserted-by":"crossref","first-page":"8","DOI":"10.1145\/858336.858337","volume":"19","author":"N Hardy","year":"1985","unstructured":"Hardy N (1985) The KeyKOS architecture. Oper Syst Rev 19(4):8\u201325","journal-title":"Oper Syst Rev"},{"key":"71_CR28","unstructured":"Hewlett-Packard. Jena: a semantic web framework for Java. http:\/\/jena.sourceforge.net\/"},{"key":"71_CR29","unstructured":"Jaeger T, Liedtke J, Islam N (1998) Operating system protection for fine-grained programs. Proceedings of the USENIX Security Symposium, pp 143\u2013157"},{"key":"71_CR30","doi-asserted-by":"crossref","unstructured":"Jajodia S, Samarati P, Subrahmanian V (1997) A logical language for expressing authorizations. Proceedings of the IEEE Symposium on Security and Privacy, pp 31\u201342","DOI":"10.1109\/SECPRI.1997.601312"},{"issue":"2","key":"71_CR31","doi-asserted-by":"crossref","first-page":"214","DOI":"10.1145\/383891.383894","volume":"26","author":"S Jajodia","year":"2001","unstructured":"Jajodia S, Samarati P, Sapino M, Subrahmanian V (2001) Flexible support for multiple access control policies. ACM Trans Database Syst 26(2):214\u2013260","journal-title":"ACM Trans Database Syst"},{"key":"71_CR32","unstructured":"Jarboui T, Lacoste M, Wadier P (2006) A component-based policy-neutral authorization architecture. Actes de la 5\u00e8me Conf\u00e9rence Fran\u00e7aise sur les Syst\u00e8mes d\u2019Exploitation (CFSE)"},{"key":"71_CR33","doi-asserted-by":"crossref","unstructured":"Kim A, Luo J, Kang M (2005) Security ontology for annotating resources. Proceedings of the International Conference on Ontologies, Databases, and Application of Semantics (ODBASE)","DOI":"10.1007\/11575801_34"},{"key":"71_CR34","doi-asserted-by":"crossref","unstructured":"Kon F, Campbell R, Mickunas M, Nahrstedt K, Ballesteros F (2000) 2K: A distributed operating system for dynamic heterogeneous environments. IEEE International Symposium on High Performance Distributed Computing (HPDC), pp 201\u2013210","DOI":"10.1109\/HPDC.2000.868651"},{"key":"71_CR35","doi-asserted-by":"crossref","unstructured":"Krieger O, Auslander M, Rosenburg B, Wisniewski R, Xenidis J, Da Silva D, Ostrowski M, Appavoo J, Butrico M, Mergen M, Waterland A, Uhlig V (2006) K42: building a complete operating system. Proceedings of the EUROSYS 2006 Conference, Operating Systems Review 40(4):133\u2013146","DOI":"10.1145\/1218063.1217949"},{"key":"71_CR36","unstructured":"Krohn M, Efstathopoulos P, Frey C, Kaashoek F, Kohler E, Mazieres D, Morris R, Osborne M, Vandebogart S, Ziegler D (2005) Make least privilege a right (not a privilege). Proceedings of the Hot Topics in Operating Systems Symposium (HotOS)"},{"issue":"5","key":"71_CR37","doi-asserted-by":"crossref","first-page":"687","DOI":"10.1016\/j.jss.2006.08.039","volume":"80","author":"T Kuz","year":"2007","unstructured":"Kuz T, Liu Y, Gorton I, Heiser G (2007) CAmkES: a component model for secure microkernel-based embedded systems. J Syst Softw 80(5):687\u2013699","journal-title":"J Syst Softw"},{"key":"71_CR38","doi-asserted-by":"crossref","unstructured":"Lacoste M, Privat G, Ramparany F (2007) Evaluating confidence in context for context-aware security. Proceedings of the European Conference on Ambient Intelligence (AmI)","DOI":"10.1007\/978-3-540-76652-0_13"},{"key":"71_CR39","unstructured":"Levy H (1984) Capability-based computer systems. Digital Press, Bedford, MA"},{"key":"71_CR40","doi-asserted-by":"crossref","unstructured":"Liedtke J (1995) On micro-kernel construction. Proceedings of the ACM Symposium on Operating System Principles (SOSP)","DOI":"10.1145\/224056.224075"},{"issue":"3","key":"71_CR41","doi-asserted-by":"crossref","first-page":"24","DOI":"10.1145\/1075395.1075397","volume":"39","author":"Z Lin","year":"2005","unstructured":"Lin Z, Wang C, Mao B, Xie L (2005) A policy flexible architecture for secure operating systems. Oper Syst Rev 39(3):24\u201333","journal-title":"Oper Syst Rev"},{"key":"71_CR42","unstructured":"Loscocco P, Smalley S (2001) Integrating flexible support for security policies into the Linux operating system. Proceedings of the USENIX Annual Technical Conference, pp 29\u201342"},{"key":"71_CR43","unstructured":"Loscocco P, Smalley S, Muckelbauer P, Taylor R, Turner S, Farrell J (1998) The inevitability of failure: the flawed assumption of security in modern computing environments. Proceedings of the National Information Systems Security Conference, pp 303\u2013314"},{"key":"71_CR44","unstructured":"Minear S (1995) Providing policy control over object operations in a Mach-based system. Proceedings of the USENIX Security Symposium, pp 141\u2013156"},{"key":"71_CR45","unstructured":"MOTOROLA LABS. IST E2R II Project, http:\/\/e2r2.motlabs.com\/"},{"key":"71_CR46","unstructured":"Ott A (2001) The rule set based access control (RSBAC) Linux kernel security extension. Proceedings of the International Linux Kongress"},{"issue":"1","key":"71_CR47","doi-asserted-by":"crossref","first-page":"128","DOI":"10.1145\/984334.984339","volume":"7","author":"J Park","year":"2004","unstructured":"Park J, Sandhu R (2004) The UCON ABC usage control model. ACM Trans Inf Syst Secur 7(1):128\u2013174","journal-title":"ACM Trans Inf Syst Secur"},{"key":"71_CR48","doi-asserted-by":"crossref","unstructured":"Polakovic J, Mazare S, Stefani J-B, David PC (2007) Experience with implementing safe reconfigurations in component-based embedded systems. Proceedings of the International ACM Symposium on Component-Based Software Engineering (CBSE), pp 240\u2013255","DOI":"10.1007\/978-3-540-73551-9_17"},{"key":"71_CR49","doi-asserted-by":"crossref","unstructured":"Polakovic J, Ozcan AE, Stefani J-B (2006) Building reconfigurable component-based OS with Think. Proceedings of the EUROMICRO Conference on Software Engineering and Advanced Applications, pp 178\u2013185","DOI":"10.1109\/EUROMICRO.2006.26"},{"key":"71_CR50","doi-asserted-by":"crossref","unstructured":"Rippert C, Stefani J-B (2002) Think: a secure distributed systems architecture. Proceedings of the ACM SIGOPS European Workshop","DOI":"10.1145\/1133373.1133424"},{"issue":"4","key":"71_CR51","first-page":"305","volume":"1","author":"M Rozier","year":"1988","unstructured":"Rozier M, Abrossimov V, Armand F, Boule I, Gien M, Guillemont M, Hermann F, Kaiser C, Langlois S, Leonard P, Neuhauser W (1988) Chorus distributed operating system. Comput Syst 1(4):305\u2013370","journal-title":"Comput Syst"},{"key":"71_CR52","doi-asserted-by":"crossref","unstructured":"Saltzer J, Schroeder M (1975) The protection of information in computer systems. Proceedings of the IEEE 63(9):1278\u20131308","DOI":"10.1109\/PROC.1975.9939"},{"key":"71_CR53","doi-asserted-by":"crossref","unstructured":"Saxena A, Lacoste M, Jarboui T, Lucking U, Steinke B (2007) A software framework for autonomic security in pervasive environments. Proceedings of the International Conference on Information Systems Security (ICISS)","DOI":"10.1007\/978-3-540-77086-2_8"},{"key":"71_CR54","doi-asserted-by":"crossref","unstructured":"Schroeder M, Saltzer J (1971) A hardware architecture for implementing protection rings. Proceedings of the ACM Symposium on Operating System Principles (SOSP)","DOI":"10.1145\/800212.806498"},{"key":"71_CR55","doi-asserted-by":"crossref","unstructured":"Seltzer M, Endo Y, Small C, Smith K (1996) Dealing with disaster: surviving misbehaved kernel extensions. Proceedings of the USENIX Symposium on Operating Systems Design and Implementation (OSDI), pp 213\u2013228","DOI":"10.1145\/238721.238779"},{"issue":"1","key":"71_CR56","doi-asserted-by":"crossref","first-page":"26","DOI":"10.1109\/52.976938","volume":"19","author":"J Shapiro","year":"2002","unstructured":"Shapiro J, Hardy N (2002) EROS: a principle-driven operating system from the ground up. IEEE Softw 19(1):26\u201333","journal-title":"IEEE Softw"},{"key":"71_CR57","doi-asserted-by":"crossref","unstructured":"Shapiro J, Smith J, Farber D (1999) EROS: a fast capability system. Proceedings of the ACM Symposium on Operating Systems Principles (SOSP), pp 170\u2013185","DOI":"10.1145\/319151.319163"},{"key":"71_CR58","doi-asserted-by":"crossref","unstructured":"Shapiro J, Weber S (2000) Verifying the EROS confinement mechanism. Proceedings of the IEEE Symposium on Security and Privacy, pp 166\u2013176","DOI":"10.1109\/SECPRI.2000.848454"},{"key":"71_CR59","unstructured":"Spencer R, Smalley S, Loscocco P, Hibler M, Andersen D, Lepreau J (1999) The Flask security architecture: system support for diverse security policies. Proceedings of the USENIX Security Symposium"},{"key":"71_CR60","unstructured":"Suh S (2007) Secure architecture and implementation of Xen on ARM for mobile devices. Xen Summit, April"},{"key":"71_CR61","volume-title":"Component software systems","author":"C Szyperski","year":"2002","unstructured":"Szyperski C (2002) Component software systems. Addison-Wesley, New York"},{"key":"71_CR62","unstructured":"Tanenbaum A, Mullender S, Van Renesse R (1986) Using sparse capabilities in a distributed operating system. Proceedings of the International Symposium on Distributed Computing Systems (ICDCS), pp 558\u2013563"},{"key":"71_CR63","doi-asserted-by":"crossref","unstructured":"Trinpunitara M, Li N (2004) Comparing the expressive power of access control models. Proceedings of the ACM Conference on Computer and Communications Security (CCS), pp 62\u201371","DOI":"10.1145\/1030083.1030093"},{"issue":"4","key":"71_CR64","doi-asserted-by":"crossref","first-page":"11.1","DOI":"10.1145\/1314299.1314302","volume":"25","author":"S Vandebogart","year":"2007","unstructured":"Vandebogart S, Efstathopoulos P, Kohler E, Krohn M, Frey C, Ziegler D, Kaashoek F, Morris R, Mazieres D (2007) Labels and event processes in the Asbestos operating system. ACM Trans Comput Syst 25(4):11.1\u201311.43","journal-title":"ACM Trans Comput Syst"},{"key":"71_CR65","doi-asserted-by":"crossref","unstructured":"Wallach D, Balfanz D, Dean S, Felten E (1997) Extensible security architectures for Java. Proceedings of the ACM Symposium on Operating Systems Principles (SOSP), pp 116\u2013128","DOI":"10.1145\/268998.266668"},{"key":"71_CR66","unstructured":"Watson R, Morrison W, Vance C, Feldman B (2003) The Trusted BSD MAC framework: extensible kernel access control for FreeBSD 5.0. Proceedings of the USENIX Annual Technical Conference, pp 285\u2013296"},{"key":"71_CR67","unstructured":"Wright C, Cowan R, Smalley S, Morris J, Kroah-Hartman G (2002) Linux security modules: general security support for the Linux kernel. Proceedings of the USENIX Security Symposium"},{"key":"71_CR68","doi-asserted-by":"crossref","unstructured":"Zanin G, Mancini L (2004) Towards a formal model for security policies specification and validation in the SELinux System. Proceedings of the ACM Symposium on Access Control Models and Technologies (SACMAT), pp 136\u2013145","DOI":"10.1145\/990036.990059"},{"key":"71_CR69","unstructured":"Zeldovich N, Boyd-Wickizer S, Kohler E, Mazieres D (2006) Making information flow explicit in HiStar. Proceedings of the Symposium on Operating Systems Design and Implementation (OSDI)"},{"key":"71_CR70","unstructured":"Zeldovich N, Boyd-Wickizer S, Mazieres D (2008) Securing distributed systems with information flow control. Proceedings of the Symposium on Networked Systems Design and Implementation (NSDI)"}],"container-title":["annals of telecommunications - annales des t\u00e9l\u00e9communications"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s12243-008-0071-0.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s12243-008-0071-0\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s12243-008-0071-0","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,9,21]],"date-time":"2021-09-21T12:00:28Z","timestamp":1632225628000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s12243-008-0071-0"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2008,11,20]]},"references-count":70,"journal-issue":{"issue":"1-2","published-print":{"date-parts":[[2009,2]]}},"alternative-id":["71"],"URL":"https:\/\/doi.org\/10.1007\/s12243-008-0071-0","relation":{},"ISSN":["0003-4347","1958-9395"],"issn-type":[{"value":"0003-4347","type":"print"},{"value":"1958-9395","type":"electronic"}],"subject":[],"published":{"date-parts":[[2008,11,20]]}}}