A time interval memory protection system
Afinidad, Francis B.
Irvine, Cynthia E.
Nguyen, Thuy D.
Levin, Timothy E.
MetadataShow full item record
Time is often a critical factor for making decisions regarding access to information. To manage and protect critical data in this regard implies that information systems need to enforce temporal security policies. However, we lack operating system and hardware support for implementing temporal protection mechanisms. A time interval memory protection architecture to support enforcement of temporal policies is presented. It implements a Time Interval Access Control model in which authorizations are determined by time attributes associated with subjects and objects, and constraints on the relations of those attributes relative to the time of access. The policy is enforced at the memory page level by kernel mechanisms and related hardware extensions. The notion of memory access phases and the principle of efficiently mediated access are articulated to support the analysis of the design. A simulator-based prototype shows that the architecture is both feasible and practical.
NPS Report NumberNPS-CS-06-002
Showing items related by title, author, creator and subject.
Designing a virtual-memory implementation using the Motorola MC68010 16 bit microprocessor with multi-processor capability interfaced to the VMEbus Sendek, David M. (Monterey, California: Naval Postgraduate School, 1990-06);The primary purpose of this thesis is to explore and discuss the hardware design of a bus-oriented microprocessor system. A bus-oriented microprocessor system permits it to be expanded to a multi-processor system. Through ...
Sanders, Kyle (Monterey, California: Naval Postgraduate School, 2009-06);Debugging is a useful technique in all aspects of software development, including that of operating systems. Because they provide low level interfaces to the hardware, operating systems are particularly difficult to debug. ...
Cooper, Robert C. (Monterey, California. Naval Postgraduate School, 2005-03);The use of specialized single-level networks in current military operations is inadequate to meet the need to share information envisioned by the Global Information Grid (GIG). Multilevel security (MLS) is a key Information ...