Complete formal verification is the only known way to guarantee that a system is free of programming errors. We present our experience in performing the formal, machine-checked …
We present an in-depth coverage of the comprehensive machine-checked formal verification of seL4, a general-purpose operating system microkernel. We discuss the kernel design we …
The Android software stack for mobile devices defines and enforces its own security model for apps through its application-layer permissions model. However, at its foundation, Android …
In this paper we tackle the challenge of providing a generic security architecture for the Android OS that can serve as a flexible and effective ecosystem to instantiate different …
C Wright, C Cowan, S Smalley, J Morris… - 11th USENIX Security …, 2002 - usenix.org
The access control mechanisms of existing mainstream operating systems are inadequate to provide strong system security. Enhanced access control mechanisms have failed to win …
P Loscocco, S Smalley - … Annual Technical Conference (USENIX ATC 01 …, 2001 - usenix.org
The protection mechanisms of current mainstream operating systems are inadequate to support confidentiality and integrity requirements for end systems. Mandatory access control …
N Provos - USENIX Security Symposium, 2003 - usenix.org
We introduce a system that eliminates the need to run programs in privileged process contexts. Using our system, programs run unprivileged but may execute certain operations …
JS Shapiro, JM Smith, DJ Farber - Proceedings of the seventeenth ACM …, 1999 - dl.acm.org
EROS is a capability-based operating system for commodity processors which uses a single level storage model. The single level store's persistence is transparent to applications. The …
S Smalley, C Vance, W Salamon - NAI Labs Report, 2001 - cs.unibo.it
In March 2001, the National Security Agency (NSA) gave a presentation about Security-Enhanced Linux (SELinux) at the 2.5 Linux Kernel Summit. SELinux is an implementation of …