{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T04:32:01Z","timestamp":1750307521726,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":46,"publisher":"ACM","license":[{"start":{"date-parts":[[2008,7,15]],"date-time":"2008-07-15T00:00:00Z","timestamp":1216080000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["6.28E+12"],"award-info":[{"award-number":["6.28E+12"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2008,7,15]]},"DOI":"10.1145\/1600176.1600186","type":"proceedings-article","created":{"date-parts":[[2009,9,8]],"date-time":"2009-09-08T12:53:09Z","timestamp":1252414389000},"page":"55-65","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":4,"title":["Robustly secure computer systems"],"prefix":"10.1145","author":[{"given":"Jon A.","family":"Solworth","sequence":"first","affiliation":[{"name":"University of Illinois at Chicago, Chicago, Illinois"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2008,7,15]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"Portable Operating System Interface (POSIX) Part 1: System Application Program Interface (API) {C Language}","author":"Std ANSI","year":"1996","unstructured":"IEEE\/ ANSI Std . 1003.1. Portable Operating System Interface (POSIX) Part 1: System Application Program Interface (API) {C Language} , 1996 . IEEE\/ANSI Std. 1003.1. Portable Operating System Interface (POSIX) Part 1: System Application Program Interface (API) {C Language}, 1996."},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.5555\/872016.872155"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/945445.945462"},{"key":"e_1_3_2_1_6_1","first-page":"57","volume-title":"USENIX Security Symposium","author":"Brumley David","year":"2004","unstructured":"David Brumley and Dawn Xiaodong Song . Privtrans : Automatically partitioning programs for privilege separation . In USENIX Security Symposium , pages 57 -- 72 , 2004 . David Brumley and Dawn Xiaodong Song. Privtrans: Automatically partitioning programs for privilege separation. In USENIX Security Symposium, pages 57--72, 2004."},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/1180405.1180445"},{"key":"e_1_3_2_1_8_1","unstructured":"Steven M. Christey. Vulnerability type distributing in CVE. http:\/\/cwe.mitre.org\/documents\/vuln-trends.html October 2006. Mitre Corporation.  Steven M. Christey. Vulnerability type distributing in CVE. http:\/\/cwe.mitre.org\/documents\/vuln-trends.html October 2006. Mitre Corporation."},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2006.4"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/1095809.1095813"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.1982.10014"},{"key":"e_1_3_2_1_13_1","volume-title":"Proc. of the USENIX Security Symposium","author":"Goldberg Ian","year":"1996","unstructured":"Ian Goldberg , David Wagner , Randi Thomas , and Eric A. Brewer . A secure environment for untrusted helper applications (confining the wily hacker) . In Proc. of the USENIX Security Symposium , San Jose, Ca. , 1996 . Ian Goldberg, David Wagner, Randi Thomas, and Eric A. Brewer. A secure environment for untrusted helper applications (confining the wily hacker). In Proc. of the USENIX Security Symposium, San Jose, Ca., 1996."},{"key":"e_1_3_2_1_14_1","volume-title":"Morgan Kaufmann","author":"Gray Jim","year":"1993","unstructured":"Jim Gray and Andreas Reuter . Transaction Processing : Concepts and Techniques . Morgan Kaufmann , 1993 . Jim Gray and Andreas Reuter. Transaction Processing: Concepts and Techniques. Morgan Kaufmann, 1993."},{"key":"e_1_3_2_1_15_1","volume-title":"CollaborateCom","author":"H\u00e4rtig Hermann","year":"2005","unstructured":"Hermann H\u00e4rtig , Michael Hohmuth , Norman Feske , Christian Helmuth , Adam Lackorzynski , Frank Mehnert , and Michael Peter . The nizza secure-system architecture . In CollaborateCom . IEEE , 2005 . Hermann H\u00e4rtig, Michael Hohmuth, Norman Feske, Christian Helmuth, Adam Lackorzynski, Frank Mehnert, and Michael Peter. The nizza secure-system architecture. In CollaborateCom. IEEE, 2005."},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/1243418.1243424"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/1133373.1133394"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/352600.353052"},{"key":"e_1_3_2_1_19_1","first-page":"275","volume-title":"General Track: USENIX Annual Technical Conference","author":"Jim Trevor","year":"2002","unstructured":"Trevor Jim , J. Greg Morrisett , Dan Grossman , Michael W. Hicks , James Cheney , and Yanling Wang . Cyclone : A safe dialect of C . In General Track: USENIX Annual Technical Conference , pages 275 -- 288 , June 2002 . Trevor Jim, J. Greg Morrisett, Dan Grossman, Michael W. Hicks, James Cheney, and Yanling Wang. Cyclone: A safe dialect of C. In General Track: USENIX Annual Technical Conference, pages 275--288, June 2002."},{"key":"e_1_3_2_1_20_1","volume-title":"SANE 2000","author":"Kamp Poul-Henning","year":"2000","unstructured":"Poul-Henning Kamp and Robert N. M. Watson . Jails: Confining the omnipotent root . In SANE 2000 . NLUUG, 2000 . Poul-Henning Kamp and Robert N. M. Watson. Jails: Confining the omnipotent root. In SANE 2000. NLUUG, 2000."},{"key":"e_1_3_2_1_21_1","first-page":"119","volume-title":"Proc. of the Annual Computer Security Applications Connference (ACSAC)","author":"Karger Paul A.","year":"2002","unstructured":"Paul A. Karger and Roger R. Schell . Thirty years later: Lessons from the multics security evaluation . In Proc. of the Annual Computer Security Applications Connference (ACSAC) , volume 00 , page 119 , Los Alamitos, CA , USA, 2002 . IEEE Computer Society . Paul A. Karger and Roger R. Schell. Thirty years later: Lessons from the multics security evaluation. In Proc. of the Annual Computer Security Applications Connference (ACSAC), volume 00, page 119, Los Alamitos, CA, USA, 2002. IEEE Computer Society."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1109\/RISP.1990.63834"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/775265.775268"},{"key":"e_1_3_2_1_24_1","first-page":"303","volume-title":"21st National Information System Security Conference","author":"Loscocco Peter","year":"1998","unstructured":"Peter Loscocco , Stephen D. Smalley , Patrick A. Muckelbauer , Ruth C. Taylor , S. Jeff Turner , and John F. Farrel . The inevitability of failure: The flawed assumption of security in modern computing environments . In 21st National Information System Security Conference , pages 303 -- 314 , 1998 . Peter Loscocco, Stephen D. Smalley, Patrick A. Muckelbauer, Ruth C. Taylor, S. Jeff Turner, and John F. Farrel. The inevitability of failure: The flawed assumption of security in modern computing environments. In 21st National Information System Security Conference, pages 303--314, 1998."},{"key":"e_1_3_2_1_25_1","volume-title":"MIT","author":"Miller S. P.","year":"1987","unstructured":"S. P. Miller , B. C. Neuman , J. I. Schiller , and J. H. Saltzer . Kerberos authentication and authorization system. Technical report , MIT , 1987 . S. P. Miller, B. C. Neuman, J. I. Schiller, and J. H. Saltzer. Kerberos authentication and authorization system. Technical report, MIT, 1987."},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/1065887.1065892"},{"key":"e_1_3_2_1_28_1","first-page":"231","volume-title":"Proceedings of the 12th USENIX Security Symposium","author":"Provos Niels","year":"2003","unstructured":"Niels Provos , Markus Friedl , and Peter Honeyman . Preventing privilege escalation . In Proceedings of the 12th USENIX Security Symposium , pages 231 -- 242 . USENIX, August 2003 . Niels Provos, Markus Friedl, and Peter Honeyman. Preventing privilege escalation. In Proceedings of the 12th USENIX Security Symposium, pages 231--242. USENIX, August 2003."},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/1128817.1128848"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2007.46"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1109\/MC.1983.1654443"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1109\/CSAC.2005.13"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1109\/PROC.1975.9939"},{"key":"e_1_3_2_1_34_1","volume-title":"Proceedings of the First Annual PKI Research Workshop","author":"Sandhu Ravi","year":"2002","unstructured":"Ravi Sandhu , Mihir Bellare , and Ravi Ganesan . Password-enabled PKI : Virtual smartcards versus virtual soft tokens . In Proceedings of the First Annual PKI Research Workshop , April 2002 . Ravi Sandhu, Mihir Bellare, and Ravi Ganesan. Password-enabled PKI: Virtual smartcards versus virtual soft tokens. In Proceedings of the First Annual PKI Research Workshop, April 2002."},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1145\/300830.300839"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1109\/2.485845"},{"key":"e_1_3_2_1_37_1","volume-title":"Department of Computer Science","author":"Seely Donn","year":"1988","unstructured":"Donn Seely . A tour of the worm. Technical report , Department of Computer Science , University of Utah , 1988 . Donn Seely. A tour of the worm. Technical report, Department of Computer Science, University of Utah, 1988."},{"key":"e_1_3_2_1_38_1","volume-title":"Proceedings of the Tenth USENIX Security Symposium, August 13--17, 2001","author":"Shankar Umesh","year":"2001","unstructured":"Umesh Shankar , Kunal Talwar , Jeffrey S. Foster , and David Wagner . Detecting format string vulnerabilities with type qualifiers. In USENIX, editor , Proceedings of the Tenth USENIX Security Symposium, August 13--17, 2001 , Washington, DC, USA, pages 201--218. USENIX , 2001 . Umesh Shankar, Kunal Talwar, Jeffrey S. Foster, and David Wagner. Detecting format string vulnerabilities with type qualifiers. In USENIX, editor, Proceedings of the Tenth USENIX Security Symposium, August 13--17, 2001, Washington, DC, USA, pages 201--218. USENIX, 2001."},{"key":"e_1_3_2_1_39_1","unstructured":"Jonathan Shapiro. bitc. http:\/\/www.bitc--lang.org.  Jonathan Shapiro. bitc. http:\/\/www.bitc--lang.org."},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1145\/1215995.1216004"},{"key":"e_1_3_2_1_41_1","first-page":"166","volume-title":"Proc. IEEE Symp. Security and Privacy","author":"Jonathan","year":"2000","unstructured":"Jonathan S. Shapiro and Samuel Weber. Verifying the EROS confinement mechanism . In Proc. IEEE Symp. Security and Privacy , pages 166 -- 176 , 2000 . Jonathan S. Shapiro and Samuel Weber. Verifying the EROS confinement mechanism. In Proc. IEEE Symp. Security and Privacy, pages 166--176, 2000."},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1109\/CSAC.2005.63"},{"key":"e_1_3_2_1_43_1","first-page":"490","volume-title":"Languages and Compilers for Parallel Computing","author":"Solworth Jon A.","year":"1990","unstructured":"Jon A. Solworth . The PARSEQ project: An interim report . In Languages and Compilers for Parallel Computing , pages 490 -- 510 . Pittman\/MIT , 1990 . Jon A. Solworth. The PARSEQ project: An interim report. In Languages and Compilers for Parallel Computing, pages 490--510. Pittman\/MIT, 1990."},{"key":"e_1_3_2_1_44_1","first-page":"191","volume-title":"Winter 1988 USENIX Conference","author":"Steiner Jennifer G.","year":"1988","unstructured":"Jennifer G. Steiner , B. Clifford Neuman , and J. I. Schiller . Kerberos: An authentication service for open network systems . In Winter 1988 USENIX Conference , pages 191 -- 201 , Dallas, TX , 1988 . Jennifer G. Steiner, B. Clifford Neuman, and J. I. Schiller. Kerberos: An authentication service for open network systems. In Winter 1988 USENIX Conference, pages 191--201, Dallas, TX, 1988."},{"key":"e_1_3_2_1_45_1","volume-title":"Foresman&amp","author":"Thornton J. E.","year":"1970","unstructured":"J. E. Thornton . Design of a Computer: the CDC 6600. Scott , Foresman&amp ;Co., Glenview, IL , 1970 . J. E. Thornton. Design of a Computer: the CDC 6600. Scott, Foresman&Co., Glenview, IL, 1970."},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1147\/rd.111.0025"},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1145\/168619.168635"},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.5555\/1060289.1060307"},{"key":"e_1_3_2_1_49_1","volume-title":"FAST. USENIX","author":"Wei Jinpeng","year":"2005","unstructured":"Jinpeng Wei and Calton Pu . TOCTTOU vulnerabilities in UNIX-style file systems: An anatomical study . In FAST. USENIX , 2005 . Jinpeng Wei and Calton Pu. TOCTTOU vulnerabilities in UNIX-style file systems: An anatomical study. In FAST. USENIX, 2005."},{"key":"e_1_3_2_1_50_1","doi-asserted-by":"publisher","DOI":"10.5555\/1267308.1267327"}],"event":{"name":"NSPW '07: Proceedings of the 2007 New Security Paradigms Workshop","sponsor":["San Diego Super Computing Ctr San Diego Super Computing Ctr","James Madison University","ACSA Applied Computing Security Assoc"],"location":"New Hampshire","acronym":"NSPW '07"},"container-title":["Proceedings of the 2007 Workshop on New Security Paradigms"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1600176.1600186","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1600176.1600186","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T12:18:16Z","timestamp":1750249096000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1600176.1600186"}},"subtitle":["a new security paradigm of system discontinuity"],"short-title":[],"issued":{"date-parts":[[2008,7,15]]},"references-count":46,"alternative-id":["10.1145\/1600176.1600186","10.1145\/1600176"],"URL":"https:\/\/doi.org\/10.1145\/1600176.1600186","relation":{},"subject":[],"published":{"date-parts":[[2008,7,15]]},"assertion":[{"value":"2008-07-15","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}