DocumentCode
540279
Title
A further note on the confinement problem
Author
Boebert, W.E. ; Kain, R.Y.
fYear
1996
fDate
2-4 Oct. 1996
Firstpage
198
Lastpage
202
Abstract
“Confinement”, in computer systems, is the ability to limit the amount of damage that can be done by malicious or malfunctioning software. Confinement is a requirement when either security or safety is a concern. The authors demonstrate why the access control mechanisms of common operating systems do not constitute a confinement mechanism. They describe the early confinement mechanism mandated by the Trusted Computing System Evaluation Criteria and note its shortcomings. They summarize prior attempts to overcome those shortcomings. They describe an alternative confinement mechanism called “type enforcement” that was invented by the authors in 1984 and subsequently implemented in several secure computers. They show how type enforcement overcomes the limitations of the early mechanisms and outline its uses, with special emphasis on the way in which the type enforcement mechanism supports assurance and safety. They conclude by describing the application of type enforcement to the problem of confining the actions of “mobile agents”, which are active agents downloaded to client machines from servers.
Keywords
authorisation; client-server systems; computer viruses; operating systems (computers); safety-critical software; security of data; Trusted Computing System Evaluation Criteria; access control mechanisms; active agents; assurance; client machines; computer system confinement; damage limitation; malfunctioning software; malicious software; mobile agents; operating systems; safety; secure computers; security; servers; type enforcement;
fLanguage
English
Publisher
ieee
Conference_Titel
Security Technology, 1996. 30th Annual 1996 International Carnahan Conference
Conference_Location
Lexington, Kentucky, USA
Print_ISBN
0-7803-3537-6
Type
conf
DOI
10.1109/CCST.1996.551864
Filename
5727004