Title :
How to make Discretionary Access Control secure against trojan horses
Author_Institution :
Dept. of Comput. Sci., Purdue Univ., Lafayette, IN
Abstract :
Modern commercial of the shelf operating systems use Discretionary Access Control (DAC) to protect files and other operating system resources. According to the Trusted Computer System Evaluation Criteria (TCSEC) (often referred to as the Orange Book) [1], Discretionary Access Control is "a means of restricting access to objects based on the identity of subjects and/or groups to which they belong. The controls are discretionary in the sense that a subject with a certain access permission is capable of passing that permission (perhaps indirectly) on to any other subject (unless restrained by mandatory access control)."
Keywords :
access control; invasive software; operating systems (computers); DAC; TCSEC; discretionary access control; shelf operating systems; trojan horses; trusted computer system evaluation criteria; Access control; Computer security; Invasive software; Linux; National security; Operating systems; Permission; Power system security; Protection; Software performance;
Conference_Titel :
Parallel and Distributed Processing, 2008. IPDPS 2008. IEEE International Symposium on
Conference_Location :
Miami, FL
Print_ISBN :
978-1-4244-1693-6
Electronic_ISBN :
1530-2075
DOI :
10.1109/IPDPS.2008.4536104
