中文版 | English
Arid
Accommodative mandatory access control
Thomas, Jacques D.
出版年2011
学位类型博士
导师Vitek, Jan ; Eugster, Patrick
学位授予单位Purdue University
英文摘要In operating system access control, there is a traditional divide between discretionary access control (DAC), on one side, and mandatory access control (MAC), on the other side. Compositions of MAC and DAC have been modeled and implemented as operating system access control mechanisms. With composition, two access control decisions (one for DAC and one for MAC) have to concur for an access request to be allowed. DAC is typically supported by coarse grained mechanisms, and it vulnerable to Trojan horse attacks, two limitations that are addressed by MAC. MAC mechanisms are therefore of interest to security-conscious users and application developers that want to confine applications they use or develop. MAC mechanisms, however, can only be configured by administrative users and as such can not be used by regular users. This dissertation explores how MAC mechanisms can be made available to regular users of an operating system. Our approach consists in extending the Type Enforcement MAC model with an administrative model. We call this approach accommodative mandatory access control.
英文关键词Access control Administrative model Role based access control Selinux Type enforcement
语种英语
国家United States
来源学科分类Computer science
URLhttps://pqdtopen.proquest.com/doc/1014176946.html?FMT=AI
来源机构Purdue University
资源类型学位论文
条目标识符http://119.78.100.177/qdio/handle/2XILL650/245464
推荐引用方式
GB/T 7714		 Thomas, Jacques D.. Accommodative mandatory access control[D]. Purdue University,2011.
条目包含的文件
条目无相关文件。
个性服务
推荐该条目
保存到收藏夹
导出为Endnote文件
谷歌学术
谷歌学术中相似的文章
[Thomas, Jacques D.]的文章
百度学术
百度学术中相似的文章
[Thomas, Jacques D.]的文章
必应学术
必应学术中相似的文章
[Thomas, Jacques D.]的文章
相关权益政策
暂无数据
收藏/分享

除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。