Engineering a security kernel for Multics

Michael D. Schroeder

Abstract

This paper describes a research project to engineer a security kernel for Multics, a general-purpose, remotely accessed, multiuser computer system. The goals are to identify the minimum mechanism that must be correct to guarantee computer enforcement of desired constraints on information access, to simplify the structure of that minimum mechanism to make verification of correctness by auditing possible, and to demonstrate by test'implementation that the security kernel so developed is capable of supporting the functionality of Multics completely and efficiently. The paper presents the overall viewpoint and plan for the project and discusses initial strategies being employed to define and structure the security kernel.

Details

Publication typeInproceedings
Published inProceedings of the 5th ACM Symposium on Operating Systems Principles
URLhttp://doi.acm.org/10.1145/800213.806518
PublisherAssociation for Computing Machinery, Inc.
> Publications > Engineering a security kernel for Multics