Mandatory security and performance of services in Asbestos

Ziegler, David Patrick

Author(s)

Ziegler, David Patrick

DownloadFull printable version (2.759Mb)

Other Contributors

Massachusetts Institute of Technology. Dept. of Electrical Engineering and Computer Science.

Advisor

M. Frans Kaashoek.

Terms of use

M.I.T. theses are protected by copyright. They may be viewed from this source for any purpose, but reproduction or distribution in any format is prohibited without written permission. See provided URL for inquiries about permission. http://dspace.mit.edu/handle/1721.1/7582

Metadata

Show full item record

Abstract

This thesis presents the design and implementation for several system services, including network access and database storage, on a new operating system design, Asbestos. Using the security mechanism provided by Asbestos, Asbestos labels, these services are used to support the construction of secure Web applications. The network and database services serve as the foundation for a Web server that supports mandatory security policies, such that even a compromised Web application cannot improperly disclose private data. The methods used in this thesis allow Web application developers to be freed from worries about flawed applications, if developers are willing to place trust in the underlying services used.

Description

Thesis (M. Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2005.

Includes bibliographical references (p. 61-66).

Date issued

2005

URI

http://hdl.handle.net/1721.1/33376

Department

Massachusetts Institute of Technology. Dept. of Electrical Engineering and Computer Science.

MIT Libraries homeDSpace@MIT