Announcements

Center for Information Protection
UC Davis is planning to join the NSF I/UCRC Center for Information Protection. We are looking for companies to join our Industrial Advisory Board.
Find out more here!

Conferences and Workshops

• ISGIG 2009
• ACSAC 25
• PETRA 2010 (due 11/15)
• Oakland 2010 (due 11/18)

My Links

• My Home Page
• Books
• Classes
• Papers
• Reports and Notes
• Research
• Security in Programming
• Service
• Students
• Talks
• Miscellaneous
• My Family
• About Me (CV and such)

Other Links

• MyUCDavis
• Computer Security Lab
• Dept. of Computer Science
• College of Engineering
• University of California, Davis
• City of Davis
• County of Yolo
• State of California
• United States of America

This Quarter’s Classes

Office Hours for This Quarter

Contacting Me

Practical Take-Grant Systems: Do They Exist?

Citation

• M. Bishop, “Practical Take-Grant Systems: Do They Exist?”, Ph.D. Thesis, Dept. of Computer Sciences, Purdue University, West Lafayette, IN 47907 (May 1984).

Paper

• PDF (Warning: 39.4MB)
  
• gzipped PS (Warning: 165.8MB)
  

Abstract

The Take-Grant Protection Model is a theoretical model of computer safety. This thesis considers whether this model can be applied to non-theoretical computer systems. First, a model of hierarchical systems is presented; then, some new results are presented, and three extensions are proposed. These new results and extensions are used to model reference monitors and examine an existing computer system for security weaknesses; methods of fixing these weaknesses are also derived. The thesis concludes that, with the proper extensions, the Take-Grant Protection Model can indeed be used to examine existing systems for security flaws.

Background