Document Type
Article
Publication Date
7-2006
Department
Computer Science
Language
English
Publication Title
ACM SIGOPS Operating Systems Review
Abstract
General-purpose, commercial software platforms are increasingly used as system building blocks, even for dependable systems. One reason for their generality, usefulness, and popular adoption is that these software platforms can evolve through ad hoc extensions: behavior tweaks outside the scope of supported platform interfaces. Unfortunately, such use of internal platform implementation details is fundamentally incompatible with security and reliability. Even so, platforms that exclude ad hoc extensions---for instance, by enforcing full isolation and strict interfaces---will, most likely, either have their security enforcement circumvented or be relegated to a niche market. In this paper, we identify ad hoc extensions as well as the economic and technical factors surrounding their existence. Subsequently, we propose the enforcement of novel access-control policies for reconciling ad hoc extensibility with security and reliability.
DOI
10.1145/1151374.1151393
Recommended Citation
Erlingsson, Úlfar and MacCormick, John P., "Ad hoc Extensibility and Access Control" (2006). Dickinson College Faculty Publications. Paper 666.
https://scholar.dickinson.edu/faculty_publications/666
Comments
Published as:
Erlingsson, Úlfar, and John MacCormick. "Ad hoc Extensibility and Access Control." ACM SIGOPS Operating Systems Review 40, no. 3 (2006): 93-101.
This author post-print is made available on Dickinson Scholar with the permission of the publisher. For more information on the published version, visit ACM's (Association for Computing Machinery) Website.