An authorization mechanism for unix-based cooperative environments

https://doi.org/10.1016/0306-4379(91)90039-CGet rights and content

Abstract

The extension to the UNIX protection mechanisms proposed in this paper aims at supporting controlled resource sharing and more flexible and fine-grained discretionary protection in UNIX-based cooperative work environments, such as collaborative software development environments (SDEs).

In these environments, the project members need to share programs, data and tools on a temporary basis and according to their roles in the project. Run-time updatable decentralized authorization allows the group to implement separate work areas administered by different project responsibles.

The proposed system is based on tools for specifying the cooperative SDE protection policies at the level of project members. Decentralized authorization is achieved through the authorizer role.

System tools, integrated in the UNIX kernel, implement the run-time access checking.

The protection system architecture and a prototype, based on a UNIX-like kernel restructuring approach, are described.

References (30)

  • M Bach

    The Design of the Unix Operating System

    (1986)
  • S Bunch

    The SETUID feature in UNIX and security

  • T.A Dolotta et al.

    PWB/UNIX—overview and synopsis of facilities

    Technical Report Bell Labs

    (1977)
  • D.E Denning

    Cryptography and Data Security

    (1982)
  • I Sommerville

    Software Engineering

    (1989)
  • D.D Clark et al.

    A comparison of commercial and military computer security policies

  • J.A Larson

    Granting and revoking discretionary authority

    Information Systems

    (1983)
  • T.Y Lin

    A generalized information flow model of the role of system security officers

  • I Greif et al.

    Data sharing in group work

    ACM Trans. Office Inform. Syst.

    (1988)
  • E.J McCauley et al.

    KSOS—the design of a secure operating system

  • G Popek et al.

    UCLA Secure UNIX

  • Department of Defense Trusted Computer Systems Evaluation Criteria

    Department of Defense, National Computer Security Center, Repor DoD 5200. 28-STD

    (1985)
  • V.D Gligor et al.

    On the design and the implementation of secure XENIX workstations

  • R Burgess

    Standardization in operating systems

  • Cited by (0)

    View full text