Title :
A formal model for Unix setuid
Author :
Levin, Tim ; Padilla, Steven J. ; Irvine, Cynthia E.
Author_Institution :
Gemini Comput. Inc., Carmel, CA, USA
Abstract :
The Unix setuid (set user identification) mechanism is described in the context of the GEMSOS architecture. Motivation for modeling setuid is given, and modeling and policy requirements for the control of the setuid mechanism are presented. The GEMSOS formal security policy model is compared with the Bell and LaPadula model. The Bell and LaPadula model is shown not to admit the actions of a setuid mechanism. Features of the GEMSOS DAC (discretionary access control) model are described that represent the actions of the Unix setuid mechanism while limiting their negative effect on the DAC policy
Keywords :
Unix; operating systems (computers); security of data; Bell and LaPadula model; GEMSOS DAC; GEMSOS architecture; GEMSOS formal security policy model; Unix setuid; discretionary access control; formal model; set user identification; Access control; Application software; Computer architecture; Computer interfaces; Hardware; Kernel; Operating systems; Protection; Security; Trademarks;
Conference_Titel :
Security and Privacy, 1989. Proceedings., 1989 IEEE Symposium on
Conference_Location :
Oakland, CA
Print_ISBN :
0-8186-1939-2
DOI :
10.1109/SECPRI.1989.36279
