Abstract | ||
---|---|---|
Protection should fundamentally be flexible for devices roaming in Beyond 3G networks. In this federation of heterogeneous
access networks, each sub-network comes with its own security requirements, policies, and protocols. Foundational element
of device security, the embedded OS itself, should become adaptable to make it possible to tune its protection mechanisms
to the current security context, notably to support multiple authorization policies. We show how flexibility can be applied
to the kernel authorization architecture by adopting a component-based OS design, the component serving as single abstraction
for reconfiguration and security. We present a policy-neutral access control architecture called CRACKER (Component-based
Reconfigurable Access Control for KERnels) for component-based operating systems. CRACKER supports a wide range of authorization
policies, and permits policy reconfiguration, in the same or in different security models. Specified in the Fractal component
model, and implemented in the Think OS, CRACKER illustrates how flexible kernel authorization can be realized while maintaining
acceptable system performance. |
Year | DOI | Venue |
---|---|---|
2009 | 10.1007/s12243-008-0071-0 | Annales des Télécommunications |
Keywords | Field | DocType |
access control.authorization. component-based architectures.security kernels. operatingsystems.flexibility.policy-neutral authorization,system performance,security model,access control,access network,component model,operating system | Embedded operating system,Computer network,Access control,Engineering,Kernel method,Fractal component model,Roaming,Control reconfiguration,Computer security model,Access network | Journal |
Volume | Issue | ISSN |
64 | 1-2 | 1958-9395 |
Citations | PageRank | References |
7 | 0.56 | 58 |
Authors | ||
3 |
Name | Order | Citations | PageRank |
---|---|---|---|
Marc Lacoste | 1 | 46 | 4.85 |
Tahar Jarboui | 2 | 67 | 4.35 |
Ruan He | 3 | 50 | 3.59 |