• DocumentCode
    2701014
  • Title

    A mandatory access control mechanism for the Unix file system

  • Author

    Thomas, Tim

  • Author_Institution
    Motorola Inc., Urbana, IL, USA
  • fYear
    1988
  • fDate
    12-16 Dec 1988
  • Firstpage
    173
  • Lastpage
    177
  • Abstract
    The design of a mandatory access control (MAC) mechanism for the Unix file system is described. The design is simple, compatible with AT&T's Systems V and Berkeley's BSD Unix with Sun Microsystem's Network File System support, and it avoids some of the deficiencies present in approaches done to date. The MAC design introduces the concept of file name hiding. The design eliminates the need for partitioned directories and the need to log out and then log in again to use upgraded directories. The author briefly describes the traditional Unix file system. Approaches to adding a mandatory access control mechanism to the Unix file system are detailed, and problems with the approaches are examined. Finally, the proposed approach is described, including an explanation of how it solves the deficiencies of the previous approaches.
  • Keywords
    Unix; security of data; BSD Unix; MAC design; Network File System support; Systems V; file name hiding; mandatory access control mechanism; traditional Unix file system; Access control; Data security; Erbium; File systems
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Aerospace Computer Security Applications Conference, 1988., Fourth
  • Conference_Location
    Orlando, FL
  • Print_ISBN
    0-8186-0895-1
  • Type

    conf

  • DOI
    10.1109/ACSAC.1988.113437
  • Filename
    113437