A comment on the confinement problem
- 1 November 1975
- journal article
- Published by Association for Computing Machinery (ACM) in ACM SIGOPS Operating Systems Review
- Vol. 9 (5), 192-196
- https://doi.org/10.1145/1067629.806537
Abstract
The confinement problem, as identified by Lampson, is the problem of assuring that a borrowed program does not steal for its author information that it processes for a borrower. An approach to proving that an operating system enforces confinement, by preventing borrowed programs from writing information in storage in violation of a formally stated security policy, is presented. The confinement problem presented by the possibility that a borrowed program will modulate its resource usage to transmit information to its author is also considered. This problem is manifest by covert channels associated with the perception of time by the program and its author; a scheme for closing such channels is suggested. The practical implications of the scheme are discussed.
This publication has 3 references indexed in Scilit:
- On attaining reliable software for a secure operating system. Published by Association for Computing Machinery (ACM), 1975
- A note on the confinement problem. Communications of the ACM, 1973
- A technique for software module specification with examples. Communications of the ACM, 1972