Check out the new USENIX Web site. next up previous
Next: About this document ... Up: Linux Security Modules: General Previous: Availability

Bibliography

1
Marshall D. Abrams, Leonard J. LaPadula, Kenneth W. Eggers, and Ingrid M. Olson.
A generalized framework for access control: An informal description.
In Proceedings of the 13th National Computer Security Conference, pages 135-143, October 1990.

2
J. Anderson.
Computer Security Technology Planning Study.
Report Technical Report ESD-TR-73-51, Air Force Elect. Systems Div., October 1972.

3
Argus Systems.
PitBull LX.
https://www.argus-systems.com/product/white_paper/lx.

4
L. Badger, D.F. Sterne, and et al.
Practical Domain and Type Enforcement for UNIX.
In Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, May 1995.

5
Lee Badger, Daniel F. Sterne, David L. Sherman, Kenneth M. Walker, and Sheila A. Haghighat.
A Domain and Type Enforcement UNIX Prototype.
In Proceedings of the USENIX Security Conference, 1995.

6
D. Baker.
Fortresses built upon sand.
In Proceedings of the New Security Paradigms Workshop, 1996.

7
Brian N. Bershad, Stefan Savage, Przemysaw Pardyak, Emin Gün Sirer, Marc Fiuczynski, David Becker, Susan Eggers, and Craig Chambers.
Extensibility, Safety and Performance in the SPIN Operating System.
In Symposium on Operating Systems Principles (SOSP), Copper Mountain, Colorado, December 1995.

8
M. Bishop and M. Digler.
Checking for Race Conditions in File Accesses.
Computing Systems, 9(2):131-152, Spring 1996.
Also available at https://olympus.cs.ucdavis.edu/~bishop/scriv/index.html.

9
W.E. Boebert and R.Y. Kain.
A Practical Alternative to Hierarchical Integrity Policies.
In Proceedings of the 8th National Computer Security Conference, Gaithersburg, MD, 1985.

10
Crispin Cowan, Steve Beattie, Calton Pu, Perry Wagle, and Virgil Gligor.
SubDomain: Parsimonious Server Security.
In USENIX 14th Systems Administration Conference (LISA), New Orleans, LA, December 2000.

11
Crispin Cowan, Andrew Black, Charles Krasic, Calton Pu, Jonathan Walpole, Charles Consel, and Eugen-Nicolae Volanschi.
Specialization Classes: An Object Framework for Specialization.
In Proceedings of the Fifth International Workshop on Object-Orientation in Operating Systems (IWOOOS '96), Seattle, WA, October 27-28 1996.

12
``Solar Designer''.
Non-Executable User Stack.
https://www.openwall.com/linux/.

13
Antony Edwards, Trent R. Jaeger, and Xiaolan Zhang.
Verifying Authorization Hook Placement for the Linux Security Modules Framework.
Report RC22254, IBM T.J. Watson Research Center, December 2001.
https://domino.watson.ibm.com/library/cyberdig.nsf/1e4115aea78b6e7c85256b360066f0d4/fd3bffacfd2bbd9385256b30005ec7ee?OpenDocument.

14
Antony Edwards, Xiaolan Zhang, and Trent Jaeger.
Using CQUAL for Static Analysis of Authorization Hook Placement.
In USENIX Security Symposium, San Francisco, CA, August 2002.

15
Nigel Edwards, Joubert Berger, and Tse Houng Choo.
A Secure Linux Platform.
In Proceedings of the 5th Annual Linux Showcase and Conference, November 2001.

16
Dawson R. Engler, M. Frans Kaashoek, and James O'Toole Jr.
Exokernel: An Operating System Architecture for Application-level Resource Management.
In Symposium on Operating Systems Principles (SOSP), Copper Mountain, Colorado, December 1995.

17
M. Abrams et al.
Information Security: An Integrated Collection of Essays.
IEEE Comp., 1995.

18
Tim Fraser, Lee Badger, and Mark Feldman.
Hardening COTS Software with Generic Software Wrappers.
In Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, May 1999.

19
Timothy Fraser.
LOMAC: Low Water-Mark Integrity Protection for COTS Environments.
In Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, May 2000.

20
Timothy Fraser.
LOMAC: MAC You Can Live With.
In Proceedings of the FREENIX Track, USENIX Annual Technical Conference, Boston, MA, June 2001.

21
Virgil D. Gligor, Serban I Gavrila, and David Ferraiolo.
On the Formal Definition of Separation-of-Duty Policies and their Composition.
In Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, May 1998.

22
Andreas Grunbacher.
Extended Attributes and Access Control Lists for Linux.
World-wide web page available at https://acl.bestbits.at/ , December 2001.

23
Serge Hallyn and Phil Kearns.
Domain and Type Enforcement for Linux.
In Proceedings of the 4th Annual Linux Showcase and Conference, October 2000.

24
Jon Inouye, Ravindranath Konuru, Jonathan Walpole, and Bart Sears.
The Effects of Virtually Addressed Caches on Virtual Memory Design & Performance.
Operating Systems Review, 24(4):896-908, October 1992.
Also published as OGI technical report CSE-92-010, ftp://cse.ogi.edu/pub/tech-reports/1992/92-010.ps.gz.

25
SNARE.
World-wide web page available at https://intersectalliance.com/projects/Snare/.

26
Jay Lepreau, Bryan Ford, and Mike Hibler.
The persistent relevance of the local operating system to global applications.
In Proceedings of the ACM SIGOPS European Workshop, pages 133-140, September 1996.

27
Linux Intrusion Detection System.
World-wide web page available at https://www.lids.org.

28
T. Linden.
Operating System Structures to Support Security and Reliable Software.
ACM Computing Surveys, 8(4), December 1976.

29
Peter Loscocco and Stephen Smalley.
Integrating Flexible Support for Security Policies into the Linux Operating System.
In Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference (FREENIX '01), June 2001.

30
Peter A. Loscocco, Stephen D. Smalley, Patrick A. Muckelbauer, Ruth C. Taylor, S. Jeff Turner, and John F. Farrell.
The Inevitability of Failure: The Flawed Assumption of Security in Modern Computing Environments.
In Proceedings of the 21st National Information Systems Security Conference, pages 303-314, October 1998.

31
Larry W. McVoy and Carl Staelin.
lmbench: Portable Tools for Performance Analysis.
In USENIX Annual Technical Conference, 1996.
https://www.bitmover.com/lmbench/.

32
Medusa.
World-wide web page available at https://medusa.fornax.sk.

33
Mindcraft.
WebStone Standard Web Server Benchmark.
https://www.mindcraft.com/webstone/.

34
David Mosberger and Larry L. Peterson.
Making Paths Explicit in the Scout Operating System.
In Symposium on Operating Systems Design and Implementation (OSDI), pages 153-168, October 1996.
https://www.cs.arizona.edu/scout/Papers/osdi96/.

35
Greg Nelson.
System Programming in Modula-3.
Prentice Hall, 1991.

36
Netfilter Core Team.
The Netfilter Project: Packet Mangling for Linux 2.4, 1999.
https://www.netfilter.org/ .

37
Amon Ott.
The Rule Set Based Access Control (RSBAC) Linux Kernel Security Extension.
In Proceedings of the 8th International Linux Kongress, November 2001.

38
Calton Pu, Tito Autrey, Andrew Black, Charles Consel, Crispin Cowan, Jon Inouye, Lakshmi Kethana, Jonathan Walpole, and Ke Zhang.
Optimistic Incremental Specialization: Streamlining a Commercial Operating System.
In Symposium on Operating Systems Principles (SOSP), Copper Mountain, Colorado, December 1995.

39
Jerome H. Saltzer and Michael D. Schroeder.
The Protection of Information in Computer Systems.
Proceedings of the IEEE, 63(9), November 1975.

40
Stephen Smalley, Timothy Fraser, and Chris Vance.
Linux Security Modules: General Security Hooks for Linux.
https://lsm.immunix.org/, September 2001.

41
Ray Spencer, Stephen Smalley, Peter Loscocco, Mike Hibler, David Andersen, and Jay Lepreau.
The Flask Security Architecture: System Support for Diverse Security Policies.
In Proceedings of the Eighth USENIX Security Symposium, pages 123-139, August 1999.

42
Winfried Trumper.
Summary about POSIX.1e.
https://wt.xpilot.org/publications/posix.1e, July 1999.

43
Eugen N. Volanschi, Charles Consel, Gilles Muller, and Crispin Cowan.
Declarative Specialization of Object-Oriented Programs.
In Proceedings of the Conference on Object-Oriented Programming Systems, Languages, and Applications (OOPSLA'97), Atlanta, GA, October 1997.

44
Robert N.M. Watson.
TrustedBSD: Adding Trusted Operating System Features to FreeBSD.
In Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference (FREENIX '01), June 2001.

45
WireX Communications.
Linux Security Module.
https://lsm.immunix.org/, April 2001.

46
Marek Zelem and Milan Pikula.
ZP Security Framework.
https://medusa.fornax.sk/English/medusa-paper.ps.



Chris Wright 2002-05-13