clarke@csri.toronto.edu (Jim Clarke) (11/17/88)
COLLOQUIUM - Tuesday, November 29, 11 a.m. in Room SF 1105
(SF = Sandford Fleming Building, 10 King's College Road)

Michael C. Rabin
Hebrew University, Jerusalem
T.J. Watson Professor of Computer Science, Harvard University

"ITOSS - An Integrated Toolkit for Operating Systems and File Security"

We propose a new model for computer security. Rather than employ formal verification of programs and other customary approaches, ITOSS uses a number of novel (non-cryptographic) algorithms and operating systems constructs to achieve the following:

  - A security-expression calculus for exact matching of process privileges and access requirements, to protections of files.
  - Exact tailoring of user access privileges to their job needs.
  - Active as well as passive protections for files.
  - Protection against malicious behavior of users having wide access privileges.
  - Authentication of files and other second-line defences against system penetration.
  - Minimal degradation of performance as a result of security.

ITOSS has been implemented and provides defences against all known attacks on file privacy and integrity. We shall describe the architecture of the latest ITOSS version.

This is joint work with D. Tygar.

--
Jim Clarke -- Dept. of Computer Science, Univ. of Toronto, Canada M5S 1A4
(416) 978-4058
BITNET,CSNET: clarke@csri.toronto.edu
CDNNET: clarke@csri.toronto.cdn
UUCP: {allegra,cornell,decvax,linus,utzoo}!utcsri!clarke