Skip to main content
Conference Proceedings

Least privilege in separation kernels

Communications in Computer and Information Science (2008) 9 146-157
DOI: 10.1007/978-3-540-70760-8_12
11Citations
Citations of this article
14Readers
Mendeley users who have this article in their library.
Get full text

Abstract

We extend the separation kernel abstraction to represent the enforcement of the principle of least privilege. In addition to the inter-block flow control policy prescribed by the traditional separation kernel paradigm, we describe an orthogonal, finer-grained flow control policy by extending the protection of elements to subjects and resources, as well as blocks, within a partitioned system. We show how least privilege applied to the actions of subjects provides enhanced protection for secure systems.

Author supplied keywords

Cite

CITATION STYLE

APA

Levin, T. E., Irvine, C. E., & Nguyen, T. D. (2008). Least privilege in separation kernels. In Communications in Computer and Information Science (Vol. 9, pp. 146–157). Springer Verlag. https://doi.org/10.1007/978-3-540-70760-8_12

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free