Design and Analysis of Protection Schemes Based on the Send-Receive Transport Mechanism

Descriptive

Language
LanguageTerm (authority = ISO 639-3:2007); (type = text)
English
Genre (authority = RULIB-FS)
Other
Genre (authority = marcgt)
technical report
PhysicalDescription
InternetMediaType
application/pdf
Extent
202 p.
Note (type = special display note)
Technical report DCS-TR-130
Name (type = corporate); (authority = RutgersOrg-School)
NamePart
School of Arts and Sciences (SAS) (New Brunswick)
Name (type = corporate); (authority = RutgersOrg-Department)
NamePart
Computer Science (New Brunswick)
TypeOfResource
Text
TitleInfo
Title
Design and Analysis of Protection Schemes Based on the Send-Receive Transport Mechanism
Abstract (type = abstract)
In a protection mechanism based on authorization, the ability of a subject (i.e., a user or a process) to operate on the system is determined by privileges in its domain. A mechanism for transport of privileges must accommodate a variety of policies, while permitting analysis of the privileges, which a given subject might obtain. The send-receive transport mechanism was designed by Minsky with these objectives in mind. In this mechanism, a transport operation is explicitly authorized at both the source and destination, and the authorization is selective with respect to which privileges can be transported.

Here we study a restricted version of this mechanism. Under our restrictions a protected system is designed in two stages. Firstly, a protection scheme is defined by specifying the values of certain parameters, which determine the static component of every subject's domain. Secondly, J defines the initial state specifying the dynamic component of every subject's domain. This state then evolves as permitted by the protection scheme.

We formulate the flow-analysis problem, which is concerned with determining a bound on the authorization for transport of privileges, given a protection scheme and an initial state. We develop techniques for deriving and improving the desired bound. The major complication in doing so is the create operation, which permits the protection state to evolve in an unbounded manner. We investigate conditions which enable us to ignore the create operation. We also investigate conditions under which the initial authorization for transport of privileges remains invariant in every derived state.

We study additional analysis issues in the context of sub-classes of our design framework. The questions raised in such detailed analysis depend on the structure of these sub-classes.
Name (type = personal)
NamePart (type = family)
Sandhu
NamePart (type = given)
Ravinderpal Singh
Affiliation
Computer Science (New Brunswick)
Role
RoleTerm (type = text); (authority = marcrt)
author
OriginInfo
DateCreated (encoding = w3cdtf); (qualifier = exact); (keyDate = yes)
1983-04
RelatedItem (type = host)
TitleInfo
Title
Computer Science (New Brunswick)
Identifier (type = local)
rucore21032500001
Location
PhysicalLocation (authority = marcorg); (displayLabel = Rutgers, The State University of New Jersey)
NjNbRU
Identifier (type = doi)
doi:10.7282/T3NZ8C5G

Rights

RightsDeclaration (AUTHORITY = rightsstatements.org); (TYPE = IN COPYRIGHT); (ID = http://rightsstatements.org/vocab/InC/1.0/)
This Item is protected by copyright and/or related rights. You are free to use this Item in any way that is permitted by the copyright and related rights legislation that applies to your use. For other uses you need to obtain permission from the rights-holder(s).
Copyright
Status
Copyright protected
Availability
Status
Open
Reason
Permission or license

Technical

RULTechMD (ID = TECHNICAL1)
ContentModel
Document