{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,18]],"date-time":"2025-11-18T15:31:30Z","timestamp":1763479890484},"publisher-location":"Berlin, Heidelberg","reference-count":37,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642351693"},{"type":"electronic","value":"9783642351709"}],"license":[{"start":{"date-parts":[[2012,1,1]],"date-time":"2012-01-01T00:00:00Z","timestamp":1325376000000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2012]]},"DOI":"10.1007\/978-3-642-35170-9_21","type":"book-chapter","created":{"date-parts":[[2012,11,9]],"date-time":"2012-11-09T21:37:05Z","timestamp":1352497025000},"page":"415-435","source":"Crossref","is-referenced-by-count":4,"title":["Enhancing the OS against Security Threats in System Administration"],"prefix":"10.1007","author":[{"given":"Nuno","family":"Santos","sequence":"first","affiliation":[]},{"given":"Rodrigo","family":"Rodrigues","sequence":"additional","affiliation":[]},{"given":"Bryan","family":"Ford","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"21_CR1","unstructured":"Federal Government\u2019s Cloud Plans: A $20 Billion Shift, \n                    \n                      http:\/\/www.cio.com\/article\/671013\/Federal_Government_s_Cloud_Plans_A_20_Billion_Shift"},{"key":"21_CR2","unstructured":"Lxc Linux Containers, \n                    \n                      http:\/\/lxc.sourceforge.net"},{"key":"21_CR3","unstructured":"Trusted GRUB, \n                    \n                      http:\/\/trousers.sourceforge.net\/grub.html"},{"key":"21_CR4","unstructured":"Ubuntu, \n                    \n                      http:\/\/www.ubuntu.com\/"},{"key":"21_CR5","unstructured":"Verizon to Put Medical Records in the Cloud, \n                    \n                      http:\/\/www.networkcomputing.com\/cloud-computing\/229501444"},{"key":"21_CR6","unstructured":"Insecurity of Privileged Users: Global Survey of IT Practitioners. Tech. rep. Ponem Institute and HP (2011), \n                    \n                      http:\/\/h30507.www3.hp.com\/hpblogs\/attachments\/hpblogs\/666\/62\/1\/HP%20Privileged%20User%20Study%20FINAL%20December%202011.pdf"},{"key":"21_CR7","unstructured":"AppArmor, \n                    \n                      http:\/\/www.novell.com\/linux\/security\/apparmor"},{"key":"21_CR8","doi-asserted-by":"crossref","unstructured":"Bell, E.D., La Padula, J.L.: Secure computer system: Unified exposition and Multics interpretation. Tech. rep. MITRE Corp. (1976)","DOI":"10.21236\/ADA023588"},{"key":"21_CR9","unstructured":"Biba, K.J.: Integrity considerations for secure computer systems. Tech. rep. MITRE Corp. (1977)"},{"key":"21_CR10","doi-asserted-by":"crossref","unstructured":"Clark, D.D., Wilson, D.R.: A Comparison of Commercial and Military Computer Security Policies. In: IEEE Symposium on Security and Privacy (1987)","DOI":"10.1109\/SP.1987.10001"},{"key":"21_CR11","doi-asserted-by":"crossref","unstructured":"Colp, P., Nanavati, M., Zhu, J., Aiello, W., Coker, G., Deegan, T., Loscocco, P., Warfield, A.: Breaking up is hard to do: security and functionality in a commodity hypervisor. In: SOSP (2011)","DOI":"10.1145\/2043556.2043575"},{"key":"21_CR12","unstructured":"ENISA: Cloud Computing - SME Survey (2009), \n                    \n                      http:\/\/www.enisa.europa.eu\/act\/rm\/files\/deliverables\/cloud-computing-sme-survey\/"},{"key":"21_CR13","unstructured":"ENISA: Cloud Computing Risk Assessment (2009), \n                    \n                      http:\/\/www.enisa.europa.eu\/act\/rm\/files\/deliverables\/cloud-computing-risk-assessment"},{"key":"21_CR14","unstructured":"GBdirect: Linux System Administration (2004), \n                    \n                      http:\/\/training.gbdirect.co.uk"},{"key":"21_CR15","unstructured":"Hamilton, J.: An Architecture for Modular Data Centers. In: CIDR (2007)"},{"key":"21_CR16","unstructured":"H\u00e4rtig, H., Hohmuth, M., Feske, N., Helmuth, C., Lackorzynski, A., Mehnert, F., Peter, M.: The Nizza Secure-system Architecture. In: CollaborateCom (2005)"},{"key":"21_CR17","unstructured":"Esteve, J., Boldrito, R.: GNU\/Linux Advanced Administration (2007)"},{"key":"21_CR18","unstructured":"Kamp, P., Watson, R.N.M.: Jails: Confining the omnipotent root. In: SANE 2000 (2000)"},{"key":"21_CR19","unstructured":"Keeney, M.: Insider Threat Study: Computer System Sabotage in Critical Infrastructure Sectors. Tech. rep. U.S. Secret Service and CMU (2005), \n                    \n                      http:\/\/www.secretservice.gov\/ntac\/its_report_050516.pdf"},{"key":"21_CR20","unstructured":"Kim, T., Zeldovich, N.: Making Linux Protection Mechanisms Egalitarian with UserFS. In: USENIX Security Symposium 2010 (2010)"},{"key":"21_CR21","doi-asserted-by":"crossref","unstructured":"Klein, G., Elphinstone, K., Heiser, G., Andronick, J., Cock, D., Derrin, P., Elkaduwe, D., Engelhardt, K., Kolanski, R., Norrish, M., Sewell, T., Tuch, H., Winwood, S.: seL4: Formal verification of an OS kernel. In: SOSP (2009)","DOI":"10.1145\/1629575.1629596"},{"key":"21_CR22","unstructured":"Kowalski, E.: Insider Threat Study: Illicit Cyber Activity in the Information Technology and Telecommunications Sector. Tech. rep. U.S. Secret Service and CMU (2008), \n                    \n                      http:\/\/www.secretservice.gov\/ntac\/final_it_sector_2008_0109.pdf"},{"key":"21_CR23","doi-asserted-by":"crossref","unstructured":"Krohn, M., Yip, A., Brodsky, M., Cliffer, N., Kaashoek, M.F., Kohler, E., Morris, R.: Information Flow Control for Standard OS Abstractions. In: SOSP (2007)","DOI":"10.1145\/1294261.1294293"},{"key":"21_CR24","doi-asserted-by":"crossref","unstructured":"McCune, J.M., Li, Y., Qu, N., Zhou, Z., Datta, A., Gligor, V.D., Perrig, A.: TrustVisor: Efficient TCB Reduction and Attestation. In: IEEE Symposium on Security and Privacy (2010)","DOI":"10.1109\/SP.2010.17"},{"key":"21_CR25","doi-asserted-by":"crossref","unstructured":"McCune, J.M., Parno, B., Perrig, A., Reiter, M.K., Isozaki, H.: Flicker: An Execution Infrastructure for TCB Minimization. In: EuroSys (2008)","DOI":"10.1145\/1352592.1352625"},{"key":"21_CR26","unstructured":"Microsoft: BitLocker Drive Encryption, \n                    \n                      http:\/\/www.microsoft.com\/whdc\/system\/platform\/hwsecurity\/default.mspx"},{"key":"21_CR27","doi-asserted-by":"crossref","unstructured":"Murray, D.G., Milos, G., Hand, S.: Improving Xen Security Through Disaggregation. In: VEE (2008)","DOI":"10.1145\/1346256.1346278"},{"key":"21_CR28","doi-asserted-by":"crossref","unstructured":"Myers, A.C., Liskov, B.: A Decentralized Model for Information Flow Control. In: SOSP (1997)","DOI":"10.1145\/268998.266669"},{"key":"21_CR29","unstructured":"NSA: Security-Enhanced Linux (SELinux) (2001), \n                    \n                      http:\/\/www.nsa.gov\/selinux"},{"key":"21_CR30","doi-asserted-by":"crossref","unstructured":"Parno, B., McCune, J.M., Perrig, A.: Bootstrapping Trust in Commodity Computers. In: IEEE Symposium on Security and Privacy (2010)","DOI":"10.1109\/SP.2010.32"},{"key":"21_CR31","unstructured":"Cox, R., Grosse, E., Pike, R., Presotto, D., Quinlan, S.: Security in Plan 9. In: USENIX Security Symposium 2002 (2002)"},{"key":"21_CR32","unstructured":"Santos, N., Rodrigues, R., Gummadi, K.P., Saroiu, S.: Policy-Sealed Data: A New Abstraction for Building Trusted Cloud Services. In: USENIX Security (2012)"},{"key":"21_CR33","doi-asserted-by":"crossref","unstructured":"Sirer, E.G., de Bruijn, W., Reynold, P., Shieh, A., Walsh, K., Williams, D., Schneider, F.B.: Logical Attestation: An Authorization Architecture for Trustworthy Computing. In: SOSP (2011)","DOI":"10.1145\/2043556.2043580"},{"key":"21_CR34","doi-asserted-by":"crossref","unstructured":"Steinberg, U., Kauer, B.: NOVA: A Microhypervisor-Based Secure Virtualization Architecture. In: Eurosys (2010)","DOI":"10.1145\/1755913.1755935"},{"key":"21_CR35","unstructured":"Wirzenius, L., Oja, J., Stafford, S., Weeks, A.: The Linux System Administrator\u2019s Guide (1993-2004), \n                    \n                      http:\/\/tldp.org\/LDP\/sag"},{"key":"21_CR36","unstructured":"Zeldovich, N., Boyd-Wickizer, S., Kohler, E., Mazi\u00e8res, D.: Making Information Flow Explicit in HiStar. In: OSDI (2006)"},{"key":"21_CR37","doi-asserted-by":"crossref","unstructured":"Zhang, F., Chen, J., Chen, H., Zang, B.: CloudVisor: Retrofitting Protection of Virtual Machines in Multi-tenant Cloud with Nested Virtualization. In: SOSP (2011)","DOI":"10.1145\/2043556.2043576"}],"container-title":["Lecture Notes in Computer Science","Middleware 2012"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-35170-9_21","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,8]],"date-time":"2019-05-08T17:54:48Z","timestamp":1557338088000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-35170-9_21"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2012]]},"ISBN":["9783642351693","9783642351709"],"references-count":37,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-35170-9_21","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2012]]}}}