Assuring Distributed Trusted Mach
نویسندگان
چکیده
The Distributed Trusted Mach (DTMach) program is developing a design for a high-assurance, secure, distributed system based on Mach. To achieve this goal, it is rst necessary to identify the general threats against which DTMach must protect. The next step is to identify control mechanisms that are suucient to protect against each of the threats. The DTMach design makes extensive use of type enforcement in addressing the threats. This paper describes the general threats and the countermeasures provided by DTMach. Doing so provides more evidence of the usefulness of type enforcement in general and the high assurance provided by the DTMach type enforcement policy.
منابع مشابه
Naming Facilities for Operating System Emulation in Mach 3.0
The Mach 3.0 micro-kernel provides a foundation for the emulation of various operating systems with a combination of libraries and Mach servers. We present a general-purpose naming facility to help construct such emulation systems by assembling many independent servers. This facility defines a set of standard interfaces for a uniform name space with uniform access mediation and a set of practic...
متن کاملA Trusted System for Sharing Patient Electronic Medical Records in Autonomous Distributed Health Care Systems
The problem of assuring secure and confidential access and transfer of medical records in healthcare facilities can be partitioned into (a) secure storage and access of electronic records within a facility and (b) secure transfer of electronic records between facilities. To address the first issue, we propose a new tag-based data model for representation of electronic medical records along with...
متن کاملOptimistic Fair Exchange with Transparent Signature Recovery
We propose a new protocol allowing the exchange of an item against a signature while assuring fairness. The proposed protocol, based on the Girault-Poupard-Stern signature scheme (a variation of the Schnorr scheme), assumes the existence of a trusted third party that, except in the setup phase, is involved in the protocol only when one of the parties does not follow the designated protocol or s...
متن کاملMIKE: A Distributed object-oriented programming platform on top of the Mach micro-kernel
This paper describes the architecture and implementation of MIKE a version of the IK distributed persistent object oriented programming platform built on top of the Mach microkernel MIKE s primary goal is to o er a single object oriented programming paradigm for writing distributed applications In MIKE an application programmer can use C almost as he would in a non distributed system The platfo...
متن کاملSoftware Tampering Detection using AOP and mobile code
Assuring that a given code is faithfully executed with defined parameters and constraints on an un-trusted host is an open problem, which is especially important in the context of computing over communications networks. This work evaluates applicability of Aspect-Oriented Programming (AOP) to the problem of remotely authenticating code during execution, which aims at assuring that the software ...
متن کامل