Making information flow explicit in HiStar
Author(s)
Zeldovich, Nickolai; Boyd-Wickizer, Silas; Kohler, Eddie; Mazieres, David
DownloadZeldovich_Making information.pdf (228.3Kb)
OPEN_ACCESS_POLICY
Open Access Policy
Creative Commons Attribution-Noncommercial-Share Alike
Terms of use
Metadata
Show full item recordAbstract
HiStar is a new operating system designed to minimize the amount of code that must be trusted. HiStar provides strict information flow control, which allows users to specify precise data security policies without unduly limiting the structure of applications. HiStar's security features make it possible to implement a Unix-like environment with acceptable performance almost entirely in an untrusted user-level library. The system has no notion of superuser and no fully trusted code other than the kernel. HiStar's features permit several novel applications, including privacy-preserving, untrusted virus scanners and a dynamic Web server with only a few thousand lines of trusted code.
Date issued
2011-11Department
Massachusetts Institute of Technology. Computer Science and Artificial Intelligence Laboratory; Massachusetts Institute of Technology. Department of Electrical Engineering and Computer ScienceJournal
Communications of the ACM
Publisher
Association for Computing Machinery (ACM)
Citation
Nickolai Zeldovich, Silas Boyd-Wickizer, Eddie Kohler, and David Mazières. 2011. Making information flow explicit in HiStar. Commun. ACM 54, 11 (November 2011), 93-101.
Version: Author's final manuscript
ISSN
0001-0782
1557-7317