Title :
The Design for a Secure System Based on Program Analysis
Author :
MacEwen, Glenn H.
Author_Institution :
Department of Computing and Information Science, Queen's University
Date :
5/1/1983
Abstract :
This paper describes the design of a prototype experimental secure operating system kernel called xsl that supports compile-time enforcement of an information flow policy. The security model chosen is an extension of Feiertag's model, modified to state its requirements in terms of program analysis functions. A prototype flow analyzer for Pascal programs, based on Denning's model, has been designed and implemented for incorporation into xsl. In addition, a flow analyzer based on London's model has also been designed and implemented. Both kinds of enforcement are supported in xsl. Both program analyzers use an intermediate code program representation originally designed for code optimization. The flow analyzers are implemented in Euclid, with the remainder of xsl in Pascal.
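The abstract describes compile-time certification of an information flow policy in the style of Denning's lattice model: every variable carries a security class, an assignment is allowed only if the join of the classes of its sources flows to the class of its target, and statements under a conditional or loop also inherit the class of the governing predicate (implicit flow). The following is an added illustration written for this page; it is not the xsl analyzer or any code from the paper. The tiny intermediate representation (assign / if / while tuples), the powerset lattice of categories, and the sample program with variables key, tmp, out and n are all assumptions made for the example.

```python
"""Denning-style static information-flow certification over a toy IR.

Added illustration, not the xsl analyzer: the IR shape, the lattice and
the sample program below are assumptions made for this example.
"""
from typing import Dict, FrozenSet, List, Tuple

# Security classes form a powerset lattice over named categories:
# join is set union, and a flows to b iff a is a subset of b.
Label = FrozenSet[str]
BOTTOM: Label = frozenset()


def join(a: Label, b: Label) -> Label:
    return a | b


def leq(a: Label, b: Label) -> bool:
    return a <= b


# Assumed IR statements:
#   ("assign", target, [source_vars])            explicit flow sources -> target
#   ("if", [cond_vars], then_block, else_block)  implicit flow cond -> both blocks
#   ("while", [cond_vars], body)                 implicit flow cond -> loop body
Stmt = Tuple


def expr_label(vars_: List[str], classes: Dict[str, Label]) -> Label:
    """Class of an expression = join of the classes of the variables it reads."""
    lab = BOTTOM
    for v in vars_:
        lab = join(lab, classes[v])
    return lab


def certify(block: List[Stmt], classes: Dict[str, Label],
            pc: Label = BOTTOM, path: str = "") -> List[str]:
    """Return the list of policy violations in block (empty list = certified).

    pc is the join of the classes of all control predicates enclosing the
    block; it is folded into every assignment so implicit flows are caught.
    """
    violations: List[str] = []
    for i, stmt in enumerate(block):
        where = f"{path}{i}"
        kind = stmt[0]
        if kind == "assign":
            _, target, sources = stmt
            src = join(pc, expr_label(sources, classes))
            if not leq(src, classes[target]):
                violations.append(
                    f"{where}: flow {sorted(src)} -> {target}:{sorted(classes[target])}")
        elif kind == "if":
            _, cond, then_blk, else_blk = stmt
            inner = join(pc, expr_label(cond, classes))
            violations += certify(then_blk, classes, inner, where + ".then.")
            violations += certify(else_blk, classes, inner, where + ".else.")
        elif kind == "while":
            _, cond, body = stmt
            inner = join(pc, expr_label(cond, classes))
            violations += certify(body, classes, inner, where + ".body.")
        else:
            raise ValueError(f"unknown statement kind {kind!r}")
    return violations


# Constructed sample: one secret category, two secret and two public variables.
S: Label = frozenset({"secret"})
CLASSES: Dict[str, Label] = {"key": S, "tmp": S, "out": BOTTOM, "n": BOTTOM}

PROGRAM: List[Stmt] = [
    ("assign", "tmp", ["key", "n"]),                      # ok: {secret} -> tmp
    ("assign", "out", ["tmp"]),                           # explicit leak to out
    ("if", ["key"], [("assign", "out", [])], []),         # implicit leak: out depends on key
    ("while", ["n"], [("assign", "tmp", ["tmp", "n"])]),  # ok: public predicate
]


def demo() -> List[str]:
    return certify(PROGRAM, CLASSES)


if __name__ == "__main__":
    for v in demo():
        print("VIOLATION", v)
```

The two reported violations are exactly the ones Denning's rules target: statement 1 is a direct assignment of a secret value to a public variable, and statement 2 writes a constant to a public variable but does so under a predicate that reads the secret, so the assignment itself carries the predicate's class. A real analyzer over an optimizer's intermediate code would additionally have to handle procedure calls, aliasing and loop termination channels, which this toy IR leaves out.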
Keywords :
Access control; information flow; modularization; operating systems; security; software engineering; system design; Computer security; Control systems; Design methodology; Design optimization; Information analysis; Information security; Kernel; Protection; Prototypes;
Journal_Title :
IEEE Transactions on Software Engineering
DOI :
10.1109/TSE.1983.236864