ABSTRACT
We present an integrated security model for a low-cost laptop that will be widely deployed throughout the developing world. Implemented on top of the Linux operating system, the model is designed to restrict the laptop's software without restricting the laptop's user.
Bitfrost: the one laptop per child security model


Simson L. Garfinkel


