Abstract

A state machine model is introduced for trusted processes. It makes explicit use of the notion of locking part of the state space in order to allow privileged actions to overlap. The model controls the interaction between overlapping actions by restricting the events that can change the locks, using the locks to restrict which events can change which parts of the state space, and preventing the initiation of actions that would interfere with currently executing ones.<>

Date

June 11, 1989

Authors

Jaisook Landauer, Timothy Redmond, Terry Benzel

Conference

Proceedings of the Computer Security Foundations Workshop II,

Pages

31-40

Publisher

IEEE