Abstract
The recent trend towards dynamically extensible systems, such as Java, SPIN or VINO, promises more powerful and flexible systems. At the same time, the impact of extensibility on overall system security and, specifically, on access control is still ill understood, and protection mechanisms in these extensible systems are rudimentary at best. In this position paper, we identify the structure of extensible systems as it relates to system security and postulate an initial model for access control. This model extends the discretionary access control of traditional operating systems to encompass extensions and, by using ideas explored by the security community, introduces a notion of mandatory access control. While a new access control model does not address all aspects of system security, we believe that it can serve as a solid foundation for developing a fully featured and flexible security model for extensible systems.
Original language | English (US) |
---|---|
Pages | 62-66 |
Number of pages | 5 |
State | Published - 1997 |
Event | Proceedings of the 1997 6th Workshop on Hot Topics in Operating Systems, HOTOS - Cape Cod, MA, USA Duration: May 5 1997 → May 6 1997 |
Other
Other | Proceedings of the 1997 6th Workshop on Hot Topics in Operating Systems, HOTOS |
---|---|
City | Cape Cod, MA, USA |
Period | 5/5/97 → 5/6/97 |
ASJC Scopus subject areas
- General Computer Science