next up previous
Next: About this document ... Up: Linux Security Module Framework Previous: Availability


The Holy Bible: Genesis 11:1-8.

J. Anderson.
Computer Security Technology Planning Study.
Report Technical Report ESD-TR-73-51, Air Force Elect. Systems Div., October 1972.

L. Badger, D.F. Sterne, and et al.
Practical Domain and Type Enforcement for UNIX.
In Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, May 1995.

Lee Badger, Daniel F. Sterne, David L. Sherman, Kenneth M. Walker, and Sheila A. Haghighat.
A Domain and Type Enforcement UNIX Prototype.
In Proceedings of the USENIX Security Conference, 1995.

D. Baker.
Fortresses built upon sand.
In Proceedings of the New Security Paradigms Workshop, 1996.

M. Bishop and M. Digler.
Checking for Race Conditions in File Accesses.
Computing Systems, 9(2):131-152, Spring 1996.
Also available at bishop/scriv/index.html.

Crispin Cowan, Steve Beattie, Calton Pu, Perry Wagle, and Virgil Gligor.
SubDomain: Parsimonious Server Security.
In USENIX 14th Systems Administration Conference (LISA), New Orleans, LA, December 2000.

Solar Designer.
Non-Executable User Stack.

Antony Edwards and Xiaolan Zhang.
Using CQUAL for Static Analysis of Authorization Hook Placement.
In USENIX Security Symposium, San Francisco, CA, August 2002.

M. Abrams et al.
Information Security: An Integrated Collection of Essays.
IEEE Comp., 1995.

Timothy Fraser.
LOMAC: Low Water-Mark Integrity Protection for COTS Environments.
In Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, May 2000.

Timothy Fraser.
LOMAC: MAC You Can Live With.
In Proceedings of the FREENIX Track, USENIX Annual Technical Conference, Boston, MA, June 2001.

Virgil D. Gligor, Serban I Gavrila, and David Ferraiolo.
On the Formal Definition of Separation-of-Duty Policies and their Composition.
In Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, May 1998.

Serge Hallyn and Phil Kearns.
Domain and Type Enforcement for Linux.
In Proceedings of the 4th Annual Linux Showcase and Conference, October 2000.

S. Kent and R. Atkinson.
Security Architecture for the Internet Protocol.
RFC 2401, November 1998.

Jay Lepreau, Bryan Ford, and Mike Hibler.
The persistent relevance of the local operating system to global applications.
In Proceedings of the ACM SIGOPS European Workshop, pages 133-140, September 1996.

Linux Intrusion Detection System.
World-wide web page available at

T. Linden.
Operating System Structures to Support Security and Reliable Software.
ACM Computing Surveys, 8(4), December 1976.

Peter Loscocco and Stephen Smalley.
Integrating Flexible Support for Security Policies into the Linux Operating System.
In Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference (FREENIX '01), June 2001.

Peter A. Loscocco, Stephen D. Smalley, Patrick A. Muckelbauer, Ruth C. Taylor, S. Jeff Turner, and John F. Farrell.
The Inevitability of Failure: The Flawed Assumption of Security in Modern Computing Environments.
In Proceedings of the 21st National Information Systems Security Conference, pages 303-314, October 1998.

S. J. Leffler W. N. Joy M. K. McKusick, M. J. Karels and R. S. Faber.
Berkeley Software Architecture Manual, 4.4BSD Edition.
University of California, Berkeley, Berkeley, CA, 1994.

Larry W. McVoy and Carl Staelin.
lmbench: Portable Tools for Performance Analysis.
In USENIX Annual Technical Conference, 1996.

Netfilter Core Team.
The Netfilter Project: Packet Mangling for Linux 2.4, 1999. .

Amon Ott.
The Rule Set Based Access Control (RSBAC) Linux Kernel Security Extension.
In Proceedings of the 8th International Linux Kongress, November 2001.

Eric S. Raymond.
The Cathedral & the Bazaar: Musings on Linux and Open Source by an Accidental Revolutionary.
O'Reilly & Associates, 1999.

Jerome H. Saltzer and Michael D. Schroeder.
The Protection of Information in Computer Systems.
Proceedings of the IEEE, 63(9), November 1975.

Stephen Smalley, Timothy Fraser, and Chris Vance.
Linux Security Modules: General Security Hooks for Linux., September 2001.

Ray Spencer, Stephen Smalley, Peter Loscocco, Mike Hibler, David Andersen, and Jay Lepreau.
The Flask Security Architecture: System Support for Diverse Security Policies.
In Proceedings of the Eighth USENIX Security Symposium, pages 123-139, August 1999.

Winfried Trumper.
Summary about POSIX.1e., July 1999.

WireX Communications.
Linux Security Module., April 2001.

Chris Wright, Crispin Cowan, Stephen Smalley, James Morris, and Greg Kroah-Hartman.
Linux Security Modules: General Security Support for the Linux Kernel.
In USENIX Security Symposium, San Francisco, CA, August 2002.

Marek Zelem and Milan Pikula.
ZP Security Framework.

James Morris