DocumentCode :
540279
Title :
A further note on the confinement problem
Author :
Boebert, W.E. ; Kain, R.Y.
fYear :
1996
fDate :
2-4 Oct. 1996
Firstpage :
198
Lastpage :
202
Abstract :
“Confinement”, in computer systems, is the ability to limit the amount of damage that can be done by malicious or malfunctioning software. Confinement is a requirement when either security or safety is a concern. The authors demonstrate why the access control mechanisms of common operating systems do not constitute a confinement mechanism. They describe the early confinement mechanism mandated by the Trusted Computing System Evaluation Criteria and note its shortcomings. They summarize prior attempts to overcome those shortcomings. They describe an alternative confinement mechanism called “type enforcement” that was invented by the authors in 1984 and subsequently implemented in several secure computers. They show how type enforcement overcomes the limitations of the early mechanisms and outline its uses, with special emphasis on the way in which the type enforcement mechanism supports assurance and safety. They conclude by describing the application of type enforcement to the problem of confining the actions of “mobile agents”, which are active agents downloaded to client machines from servers.
Keywords :
authorisation; client-server systems; computer viruses; operating systems (computers); safety-critical software; security of data; Trusted Computing System Evaluation Criteria; access control mechanisms; active agents; assurance; client machines; computer system confinement; damage limitation; malfunctioning software; malicious software; mobile agents; operating systems; safety; secure computers; security; servers; type enforcement;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
Security Technology, 1996. 30th Annual 1996 International Carnahan Conference
Conference_Location :
Lexington, Kentucky, USA
Print_ISBN :
0-7803-3537-6
Type :
conf
DOI :
10.1109/CCST.1996.551864
Filename :
5727004