Pattern-Directed Protection Evaluation
Author
Jim Carlstedt, Richard Bisbey II, Gerald Popek
Abstract
Because of the urgent security requirements in many existing general-purpose operating systems, the large investment committed to such systems, and the large number of protection errors embedded in them, the problem of finding such errors is one of major importance. This report presents an approach to this task, based on the premise that the effectiveness of error searches can be greatly increased by techniques that utilize "patterns," i.e., formalized descriptions of error types. It gives a conceptual overview of the pattern-directed evaluation process and reports the authors' initial experience in formulating patterns from the analysis of protection errors previously detected in various systems, as well as in applying the pattern-directed technique. This study is part of a larger effort to provide securable operating systems in DoD environments.
Institution
University of Southern California
Affiliation
Information Sciences Institute
Publication Date
0000-00-00
Contents
Preface
1. Introduction
2. Basic Considerations
3. Pattern Development
4. Development and Application of Pattern-Directed Techniques
5. An Example
6. Summary
Acknowledgments
References
Keywords
computer security, debugging, error patterns, operating systems, protection, protection evaluation, software security
Location
A hard-copy of this is in the Papers Cabinet
Subject
Locating protection errors