Making information flow explicit in HiStar

Open Access

1 November 2011

journal article
Published by Association for Computing Machinery (ACM) in Communications of the ACM

Vol. 54 (11), 93-101
https://doi.org/10.1145/2018396.2018419

Abstract

HiStar is a new operating system designed to minimize the amount of code that must be trusted. HiStar provides strict information flow control, which allows users to specify precise data security policies without unduly limiting the structure of applications. HiStar's security features make it possible to implement a Unix-like environment with acceptable performance almost entirely in an untrusted user-level library. The system has no notion of superuser and no fully trusted code other than the kernel. HiStar's features permit several novel applications, including privacy-preserving, untrusted virus scanners and a dynamic Web server with only a few thousand lines of trusted code.

Keywords

Funding Information

Defense Advanced Research Projects Agency (CNS-0430425)
Division of Computer and Network Systems (CNS-0430425, CNS-0716806)

This publication has 7 references indexed in Scilit:

Information flow control for standard OS abstractions
Published by Association for Computing Machinery (ACM) ,2007
Labels and event processes in the asbestos operating system
Published by Association for Computing Machinery (ACM) ,2005
Protecting privacy using the decentralized label model
ACM Transactions on Software Engineering and Methodology, 2000
EROS
Published by Association for Computing Machinery (ACM) ,1999
Multilevel security in the UNIX tradition
Software: Practice and Experience, 1992
Formal Models for Computer Security
ACM Computing Surveys, 1981
A hardware architecture for implementing protection rings
Published by Association for Computing Machinery (ACM) ,1971

Cited by 43 articles