Apr. 29, 1984 to May 2, 1984
Paul A. Karger , Digital Equipment Corporation
Andrew J. Herbert , University of Cambridge
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/SP.1984.10001
This paper describes a protection system that supports the confinement of access as required by non-discretionary access control models such as the Bell and LaPadula lattice model. The approach is to use capability-based protection at the lowest level for implementing confined domains, in support of access control lists for expressing security policies outside the security kernel. The implementation of such a system in the context of hardware support for capabilities is discussed.
Paul A. Karger, Andrew J. Herbert, "An Augmented Capability Architecture to Support Lattice Security and Traceability of Access", SP, 1984, 2012 IEEE Symposium on Security and Privacy, 2012 IEEE Symposium on Security and Privacy 1984, pp. 2, doi:10.1109/SP.1984.10001