DOCSLIB.ORG

Small Tcbs of Policy-Controlled Operating Systems

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Small Tcbs of Policy-Controlled Operating Systems Anja Pölck Small TCBs of Policy-controlled Operating Systems Small TCBs of Policy-controlled Operating Systems Anja Pölck Universitätsverlag Ilmenau 2014 Impressum Bibliografische Information der Deutschen Nationalbibliothek Die Deutsche Nationalbibliothek verzeichnet diese Publikation in der Deutschen Nationalbibliografie; detaillierte bibliografische Angaben sind im Internet über http://dnb.d-nb.de abrufbar. Diese Arbeit hat der Fakultät für Informatik und Automatisierung der Technischen Universität Ilmenau als Dissertation vorgelegen. Tag der Einreichung: 1. Juli 2013 1. Gutachter: Prof. Dr.-Ing. habil. Winfried E. Kühnhauser (Technische Universität Ilmenau) 2. Gutachter: Prof. Dr. Elisa Bertino (Purdue University, West Lafayette, Indiana, USA) 3. Gutachter: Prof. Dr.-Ing. habil Wolfgang Fengler (Technische Universität Ilmenau) Tag der Verteidigung: 19. Dezember 2013 Technische Universität Ilmenau/Universitätsbibliothek Universitätsverlag Ilmenau Postfach 10 05 65 98684 Ilmenau www.tu-ilmenau.de/universitaetsverlag Herstellung und Auslieferung Verlagshaus Monsenstein und Vannerdat OHG Am Hawerkamp 31 48155 Münster www.mv-verlag.de ISBN 978-3-86360-090-7 (Druckausgabe) URN urn:nbn:de:gbv:ilm1-2013000632 Titelphoto: photocase.com Abstract IT systems with advanced security requirements increasingly apply problem-specific security policies for describing, analyzing, and implementing security properties. Security policies are a vital part of a system’s trusted computing base (TCB). Hence, both correctness and tamper-proofness of a TCB’s implementation are essential for establishing, preserving, and guaranteeing a system’s security properties. Today’s operating systems often show that implementing security policies is a challenge; for more than forty years, they have provided only a rather elementary support for discretionary, identity-based access control policies. As a consequence, major parts of the applications’ security policies are implemented by the applications themselves, resulting in large, heteroge- neous, and distributed TCB implementations. Thus, precisely identifying a TCB’s functional perimeter is hard, which renders essential TCB properties – correctness, robustness, and tamper-proofness – difficult to achieve. Efforts have been made to re-collect the policy components of operating systems and appli- cations into a central component. So called policy-controlled operating systems provide kernel abstractions for security policies along with a policy decision and enforcement environment to protect and enforce the policies. Current policy-controlled operating systems are based on monolithic architectures so that their policy enforcement mechanisms are distributed all over the kernel. Additionally, they share the ambition to provide support for a wide variety of security policies that leads to universal policy decision and enforcement environments. Both results in large, complex, and expensive operating system TCBs, whose functional perimeter can hardly be precisely identified. As a consequence, a TCB’s essential properties are hard to ensure in its implementation. This dissertation follows a different approach based on the idea of methodically engineering TCBs by tailoring their policy decision and enforcement environment to support only those security policies that are actually present in a TCB. A TCB’s functional perimeter is identified by exploiting causal dependencies between security policies and TCB functions, which results in causal TCBs that contain exactly those functions that are necessary to establish, enforce, and protect their policies. The precise identification of a TCB’s functional perimeter allows for implementing a TCB in a safe environment that indeed can be isolated from untrusted system components. Thereby, causal TCB engineering sets the course for implementations whose size and complexity pave the way for analyzing and verifying a TCB’s correctness and tamper-proofness. The application scenarios for causal TCB engineering range from embedded systems and policy-controlled operating systems to database management systems in large information systems. v Zusammenfassung IT Systeme mit qualitativ hohen Sicherheitsanforderungen verwenden zur Beschreibung, Analyse und Implementierung ihrer Sicherheitseigenschaften zunehmend problemspezifische Sicherheitspolitiken, welche ein wesentlicher Bestandteil der Trusted Computing Base (TCB) eines IT Systems sind. Aus diesem Grund sind die Korrektheit und Unumgehbarkeit der Implementierung einer TCB entscheidend, um die geforderten Sicherheitseigenschaften eines Systems herzustellen, zu wahren und zu garantieren. Viele der heutigen Betriebssysteme zeigen, welche Herausforderung die Realisierung von Sicherheitspolitiken darstellt; seit mehr als 40 Jahren unterstützen sie wahlfreie identitäts- basierte Zugriffssteuerungspolitiken nur rudimentär. Dies führt dazu, dass große Teile der Sicherheitspolitiken von Anwendersoftware durch die Anwendungen selbst implementiert wer- den. Infolge dessen sind die TCBs heutiger Betriebssysteme groß, heterogen und verteilt, so dass die exakte Bestimmung ihres Funktionsumfangs sehr aufwendig ist. Im Ergebnis sind die wesentlichen Eigenschaften von TCBs – Korrektheit, Robustheit und Unumgehbarkeit – nur schwer erreichbar. Dies hat zur Entwicklung von Politik gesteuerten Betriebssystemen geführt, die alle Sicher- heitspolitiken eines Betriebssystems und seiner Anwendungen zentral zusammenfassen, in- dem sie Kernabstraktionen für Sicherheitspolitiken und Politiklaufzeitumgebungen anbieten. Aktuelle Politik gesteuerte Betriebssysteme basieren auf monolithischen Architekturen, was dazu führt, dass ihre Komponenten zur Durchsetzung ihrer Politiken im Betriebssystem- kern verteilt sind. Weiterhin verfolgen sie das Ziel, ein möglichst breites Spektrum an Sicherheitspolitiken zu unterstützen. Dies hat zur Folge, dass ihre Laufzeitkomponenten für Politikentscheidung und -durchsetzung universal sind. Im Ergebnis sind ihre TCB- Implementierungen groß und komplex, so dass der TCB-Funktionsumfang nur schwer iden- tifiziert werden kann und wesentliche Eigenschaften von TCBs nur mit erhöhtem Aufwand erreichbar sind. Diese Dissertation verfolgt einen Ansatz, der die TCBs Politik gesteuerter Betriebssys- teme systematisch entwickelt. Die Idee ist, das Laufzeitsystem für Sicherheitspolitiken so maßzuschneidern, dass nur die Politiken unterstützt werden, die tatsächlich in einer TCB vorhanden sind. Dabei wird der Funktionsumfang einer TCB durch kausale Abhängigkeiten zwischen Sicherheitspolitiken und TCB-Funktionen bestimmt. Das Ergebnis sind kausale TCBs, die nur diejenigen Funktionen enthalten, die zum Durchsetzen und zum Schutz der vorhandenen Sicherheitspolitiken notwendig sind. Die präzise Identifikation von TCB- Funktionen erlaubt, die Implementierung der TCB-Funktionen von nicht-vertrauenswürdigen Systemkomponenten zu isolieren. Dadurch legen kausale TCBs die Grundlage für TCB- Implementierungen, deren Größe und Komplexität eine Analyse und Verifikation bezüglich ihrer Korrektheit und Unumgehbarkeit ermöglichen. Kausale TCBs haben ein breites An- wendungsspektrum – von eingebetteten Systemen über Politik gesteuerte Betriebssysteme bis hin zu Datenbankmanagementsystemen in großen Informationssystemen. vii Acknowledgements First of all, I would like to thank my supervisor Prof. Winfried E. Kühnhauser. He drew my interest to the exciting world of computer security research and supported me with lively and interesting discussions throughout my work. I also want to thank the reviewers of my dissertation for their valuable feedback and their preparedness to review my dissertation. Special thanks to the Carl-Zeiss-Stiftung for awarding me a PhD scholarship and thus providing the financial background for my research. Further, I would like to thank my colleagues for all the valuable and motivating discussions. This particularly concerns Peter Amthor, who was always prepared for in-depth discussions and valuable feedback over a cup of tea, and my favorite office mate Katja Hose, who is a good listener. I also want to thank the students and their theses that contributed to my research work with new ideas and their implementation. In particular, special thanks to Felix Neumann for having the guts and the endurance for dealing with formal specifications. I would also like to thank all my friends and neighbors for their continuous motivation and support as well as for their occasional pestering – all kept me going. Thanks to my friend Janine Seifert for a recreational girl’s night out once in a while; I always had a good time. Last but not least, I would like to thank my family for their moral support – my parents always made me believe that I can achieve my goals. I also like to thank Alex for his never- ending energy, administrative support, and confirmation. ix Contents 1 Introduction 1 1.1 Motivation . 1 1.2 Causal Trusted Computing Bases . 2 1.3 Challenges and Contributions . 3 1.4 Organization . 4 2 Related Work 7 2.1 Policy-controlled Operating Systems . 7 2.1.1 Flask Security Architecture . 7 2.1.2 Rule Set Based Access Control . 9 2.1.3 Policy Machine . 10 2.1.4 Summary . 11 2.2 Reducing the Size and Complexity of TCBs . 11 2.2.1 Nizza Security Architecture . 11 2.2.2 Other Approaches . 13 2.3 Security Models . 13 2.3.1 Model-based Security Policy Engineering . 14 2.3.2 Access Control Models . 15 2.3.3 Information Flow Control Models . 16 2.4 Summary . 17 3 Security Model Core 19 3.1 Security Model Family Tree . 19 3.2 Core Definition . 23 3.3 Core Specialization
Load more

Recommended publications
  • Applp: a Dialogue on Applications of Logic Programming
    AppLP: A Dialogue on Applications of Logic Programming David S. Warren Yanhong A. Liu Stony Brook University This document describes the contributions of the 2016 Applications of Logic Programming Workshop (AppLP), which was held on October 17 and associated with the International Conference on Logic Programming (ICLP) in Flushing, New York City. Focus and scope The focus of the workshop was applications of logic programming, i.e., application problems, in whole or in part, that are solved by using logic programming languages and systems. A particular theme of interest was to explore the ease of development and maintenance, clarity, performance, and tradeoffs among these features, brought about by programming using a logic paradigm. The goal was to help provide directions for future research advances and application development. Real-world problems increasingly involve complex data and logic, making the use of logic pro- gramming more and more beneficial for such complex applications. Despite the diverse areas of application, their common underlying requirements are centered around ease of development and maintenance, clarity, performance, integration with other tools, and tradeoffs among these prop- erties. Better understanding of these important principles will help advance logic programming research and lead to benefits for logic programming applications. The workshop was organized around four main areas of application: Enterprise Software, Con- trol Systems, Intelligent Agents, and Deep Analysis. These general areas included topics such as business intelligence, ontology management, text processing, program analysis, model checking, access control, network programming, resource allocation, system optimization, decision making, and policy administration. The issues proposed for discussion included language features, imple- mentation efficiency, tool support and integration, evaluation methods, as well as teaching and training.
    [Show full text]
  • 2Nd USENIX Conference on Web Application Development (Webapps ’11)
    conference proceedings Proceedings of the 2nd USENIX Conference Application on Web Development 2nd USENIX Conference on Web Application Development (WebApps ’11) Portland, OR, USA Portland, OR, USA June 15–16, 2011 Sponsored by June 15–16, 2011 © 2011 by The USENIX Association All Rights Reserved This volume is published as a collective work. Rights to individual papers remain with the author or the author’s employer. Permission is granted for the noncommercial reproduction of the complete work for educational or research purposes. Permission is granted to print, primarily for one person’s exclusive use, a single copy of these Proceedings. USENIX acknowledges all trademarks herein. ISBN 978-931971-86-7 USENIX Association Proceedings of the 2nd USENIX Conference on Web Application Development June 15–16, 2011 Portland, OR, USA Conference Organizers Program Chair Armando Fox, University of California, Berkeley Program Committee Adam Barth, Google Inc. Abdur Chowdhury, Twitter Jon Howell, Microsoft Research Collin Jackson, Carnegie Mellon University Bobby Johnson, Facebook Emre Kıcıman, Microsoft Research Michael E. Maximilien, IBM Research Owen O’Malley, Yahoo! Research John Ousterhout, Stanford University Swami Sivasubramanian, Amazon Web Services Geoffrey M. Voelker, University of California, San Diego Nickolai Zeldovich, Massachusetts Institute of Technology The USENIX Association Staff WebApps ’11: 2nd USENIX Conference on Web Application Development June 15–16, 2011 Portland, OR, USA Message from the Program Chair . v Wednesday, June 15 10:30–Noon GuardRails: A Data-Centric Web Application Security Framework . 1 Jonathan Burket, Patrick Mutchler, Michael Weaver, Muzzammil Zaveri, and David Evans, University of Virginia PHP Aspis: Using Partial Taint Tracking to Protect Against Injection Attacks .
    [Show full text]
  • Automated Security Analysis of Virtualized Infrastructures
    Automated Security Analysis of Virtualized Infrastructures Zur Erlangung des akademischen Grades Doktor-Ingenieur (Dr.-Ing.) genehmigte Dissertation von Sören Bleikertz, M.Sc. aus Leverkusen Tag der Einreichung: 15.02.2017, Tag der Prüfung: 17.05.2017 2017 — Darmstadt — D 17 1. Gutachten: Prof. Dr. Michael Waidner 2. Gutachten: Dr. Thomas Groß, University of Newcastle upon Tyne Security in Information Technology Fachbereich Informatik Automated Security Analysis of Virtualized Infrastructures Genehmigte Dissertation von Sören Bleikertz, M.Sc. aus Leverkusen 1. Gutachten: Prof. Dr. Michael Waidner 2. Gutachten: Dr. Thomas Groß, University of Newcastle upon Tyne Tag der Einreichung: 15.02.2017 Tag der Prüfung: 17.05.2017 Darmstadt — D 17 Erklärung zur Dissertation Hiermit versichere ich, die vorliegende Dissertation ohne Hilfe Dritter nur mit den an- gegebenen Quellen und Hilfsmitteln angefertigt zu haben. Alle Stellen, die aus Quellen entnommen wurden, sind als solche kenntlich gemacht. Diese Arbeit hat in gleicher oder ähnlicher Form noch keiner Prüfungsbehörde vorgelegen. Horgen, Schweiz, den 16.07.2017 (Sören Bleikertz, M.Sc.) 1 Abstract Virtualization enables the increasing efficiency and elasticity of modern IT infrastructures, including Infrastructure as a Service. However, the operational complexity of virtualized infrastructures is high, due to their dynamics, multi-tenancy, and size. Misconfigurations and insider attacks carry significant operational and security risks, such as breaches in tenant isolation, which put both the infrastructure provider and tenants at risk. In this thesis we study the question if it is possible to model and analyze complex, scalable, and dynamic virtualized infrastructures with regard to user-defined security and operational policies in an automated way.
    [Show full text]
  • Downloads/Pws-Whitepaper-May-2006-De.Pdf, 28.07.2008
    Privacy and Identity Management in Europe for Life Infrastructure for Trusted Content Editors: Dr. Stephan Spitz (GD) Dr. Walter Hinz (GD) Dr. Marc-Michael Bergfeld (GD) Reviewers: Karel Wouters (KUL) Aleksandra Kuczerawy (KUL) Identifier: D6.2.1 Type: Deliverable Class: Public Date: 28 August 2008 Abstract As the usage of information and communication technology increases in private and professional life, personal data is widely stored. While service providers need to rely on identifying their customers, conscious identity management and privacy develops into a new value for the service user, especially in the electronic service context. Here, modern technology infrastructures can assist in providing security to both sides by assuring identification and privacy at the same time. This paper introduces the ‘Security of Service’ concept and presents different technical environments through which it can be established. Privacy in service composition is elaborated conceptually and from a technological standpoint. Potential authentication scenarios and emerging use cases are introduced. In conclusion, implications for the needed technological infrastructures are derived and necessary future research directions are indicated. Copyright © 2008 by the PrimeLife Consortium The research leading to these results has received funding from the European Community’s Seventh Framework Programme (FP7/2007-2013) under grant agreement n o 216483. Members of the PrimeLife Consortium 1. IBM Research GmbH IBM Switzerland 2. Unabhängiges Landeszentrum für Datenschutz ULD Germany 3. Technische Universität Dresden TUD Germany 4. Karlstads Universitet KAU Sweden 5. Università degli Studi di Milano UNIMI Italy 6. Johann Wolfgang Goethe – Universität Frankfurt am Main GUF Germany 7. Stichting Katholieke Universiteit Brabant TILT Netherlands 8.
    [Show full text]
  • Conference Reports ELECTRONIC SUPPLEMENT
    DECEMBER 2012 vOL. 37, NO. 6 Conference Reports ELECTRONIC SUPPLEMENT 21st USENIX Security Symposium (USENIX and that they also knew what the US was doing (capabilities) Security ’12) through the use of spies in the US and their interception of our ciphers (access). After considering all of these differ- Bellevue, WA August 8–10, 2012 ent criteria, cryptographers could then attempt to provide information assurance in the face of this particular enemy. Opening Remarks Again focusing on communications, they examined the Summarized by Rik Farrow ([email protected]) security of the SAVILLE cipher and its usage in the VINSON Program Chair Tadayoshi Kohno (University of Washing- hand-held radio. Additionally, they really had time to do it ton) opened the conference by telling us that there were 222 right: the SAVILLE cipher was developed in the 1950s, evalu- papers submitted and 42 accepted. By replacing four invited ated in the 1960s, and then finally implemented in VINSON talks sessions with paper presentations, more papers could and deployed in 1976; this meant that they could look closely be accepted than in the past. at both the algorithm and its implementation to try to find When the conference began, there were 484 attendees; 84 potential attacks. students received travel grants using money provided by the In modern times, the field has once again changed dramati- National Science Foundation, with Google and Microsoft cally. One of the main catalysts for these changes was the being the next largest sponsors. introduction of the Data Encryption Standard (DES), which Best Paper awards went to “Mining Your Ps and Qs: Detec- was created through a competition held by NIST.
    [Show full text]
  • Access Control Models for Collaborative Applications Asma Cherif
    Access Control Models for Collaborative Applications Asma Cherif To cite this version: Asma Cherif. Access Control Models for Collaborative Applications. Distributed, Parallel, and Cluster Computing [cs.DC]. Université de Lorraine, 2012. English. NNT : 2012LORR0217. tel-01749620v2 HAL Id: tel-01749620 https://tel.archives-ouvertes.fr/tel-01749620v2 Submitted on 11 Dec 2014 HAL is a multi-disciplinary open access L’archive ouverte pluridisciplinaire HAL, est archive for the deposit and dissemination of sci- destinée au dépôt et à la diffusion de documents entific research documents, whether they are pub- scientifiques de niveau recherche, publiés ou non, lished or not. The documents may come from émanant des établissements d’enseignement et de teaching and research institutions in France or recherche français ou étrangers, des laboratoires abroad, or from public or private research centers. publics ou privés. UFR math´ematiques et informatique Ecole´ doctorale IAEM Lorraine D´epartement de formation doctorale en informatique Mod`elesde Contr^oled'Acc`espour Les Applications Collaboratives THESE` pr´esent´eeet soutenue publiquement le 26 Novembre 2012 pour l'obtention du Doctorat de l'universit´eNancy 2 (sp´ecialit´einformatique) par Asma CHERIF Composition du jury Pr´esident: Kamel SMAILI Pr. Universit´ede Lorraine Rapporteurs : Fr´ed´ericCUPPENS Pr. ENST Bretagne Achour MOSTEFAOUI Pr. Universit´ede Nantes Examinateurs : Ladjel BELLATRECHE Pr. LIAS/ISAE ENSMA Poitiers Sophie CHABRIDON Mcf. T´el´ecom Sud Paris Directeurs de thèse : Abdessamad IMINE Mcf. Universit´ede Lorraine Micha¨elRUSINOWITCH Dr. Inria Nancy Grand Est Laboratoire Lorrain de Recherche en Informatique et ses Applications | UMR 7503 Mis en page avec la classe thloria.
    [Show full text]
  • FOUNDATIONS of ACCESS CONTROL for SECURE STORAGE a Dissertation Submitted in Partial Satisfaction of the Requirements for the Degree Of
    UNIVERSITY OF CALIFORNIA SANTA CRUZ FOUNDATIONS OF ACCESS CONTROL FOR SECURE STORAGE A dissertation submitted in partial satisfaction of the requirements for the degree of DOCTOR OF PHILOSOPHY in COMPUTER SCIENCE by Avik Chaudhuri December 2008 The Dissertation of Avik Chaudhuri is approved: Professor Mart´ın Abadi, Chair Professor Scott Brandt Professor Cormac Flanagan Professor Luca de Alfaro Dean Lisa Sloan Vice Provost and Dean of Graduate Studies Copyright c by Avik Chaudhuri 2008 Table of Contents Abstract vii Dedication viii Acknowledgments ix 1 Introduction 1 1.1 Access control and secure storage . .3 1.2 A research program . .4 1.3 Some highlights . .4 1.3.1 Security enforcement on operating systems . .5 1.3.2 Automatic analysis of security models . .6 1.3.3 Automated security analysis of storage protocols . .6 1.3.4 Secure distributed sharing of services . .8 1.3.5 Correctness of distributed access-control implementations . .8 1.4 Ideas and techniques . .9 1.4.1 Programming languages . .9 1.4.2 Logic . 11 1.5 Organization . 12 1.5.1 Dependencies . 13 1.5.2 Common themes . 13 I Correctness of Access Control 16 2 Cryptographic access control 18 2.1 Plutus . 20 2.2 Formal model of Plutus . 23 2.2.1 Background on ProVerif . 23 2.2.2 Plutus in ProVerif . 24 iii 2.3 Security results on Plutus . 31 2.3.1 Background on correspondences . 31 2.3.2 Security properties of Plutus . 35 2.3.3 Analysis of some design details . 41 2.3.4 Additional remarks . 44 3 Access control with labels 47 3.1 EON .......................................
    [Show full text]
  • Cybersecurity Initiative Flanders Strategic Research Programme
    VR 2019 1312 DOC.1235/5 Cybersecurity Initiative Flanders Strategic Research Programme July 2019 Contributing Authors: Bart De Decker, Bart Jacobs, Bart Preneel, Benedikt Gierlichs, Bert Lagaisse, Bjorn De Sutter, Bruno Crispo, Claudia Diaz, Coen De Roover, Cyprien Delpech de Saint Guilhem, Danny De Cock, Danny Hughes, Dave Singelee, Davy Preuveneers, Dimitri Van Landuyt, Dominique Devriese, Elena Andreeva, Elisa Gonzales Boix , Els Kindt, Emmanuela Orsini, Enrique Argones Rua, Frank Piessens, Frederik Vercauteren, Ingrid Verbauwhede, Jan Tobias Mühlberg, Koen Yskout, Lieven Desmet, Nele Mentens, Nigel Smart, Peggy Valcke, Pieter Maene, Sam Michiels, Stijn Volckaert, Svetla Nikova, Vincent Naessens, Vincent Rijmen, Wolfgang De Meuter, Wouter Castryck, Wouter Joosen Cybersecurity Initiative Flanders- Strategic Research Programme Page 2 | Introduction Cybersecurity Initiative Flanders - Strategic Research Programme 1. Introduction Context and Motivation: Cybersecurity, Challenge and Opportunity While the digital transformation has a strongly increasing and positive impact on our society and our economy, the lack of adequate cybersecurity in our systems, platforms and services can lead to major dangers, risks and problems. More and more information is being collected and analyzed, leading to significant efficiency gains and new applications. In cyber-physical systems, this results in far-reaching automation with, among other things, autonomous robots, cars and drones. The entire infrastructure of society is also being transformed; we get smarter cities (smart cities), smart transport systems (smart transport) and smart electricity grids (smart grids), smarter hospital facilities, etc. This transformation affects all sectors, both within the government (general policy, education and health, infrastructure, police, defense) and within the private industry: critical infrastructure, transport, manufacturing, financial sector, media, health sector.
    [Show full text]
  • To the Memory of Our Colleague and Friend Andreas Pfitzmann
    To the memory of our colleague and friend Andreas Pfitzmann The protection of people’s privacy was dear to Andreas’ heart. He was an inspiration to all of us, and many of the results presented in this book owe to him. Preface Publication is a self-invasion of privacy. Marshall McLuhan Individuals in the Information Society want to safeguard their autonomy and retain control over their personal information, irrespective of their activities. Information technologies generally do not consider those user requirements, thereby putting the privacy of the citizen at risk. At the same time, the Internet is changing from a client- server to a collaborative paradigm. Individuals are contributing throughout their life leaving a life-long trace of personal data. This raises substantial new privacy chal- lenges. Saving digital privacy. By 2008, the European project PRIME (Privacy and Identity Management for Europe) had demonstrated that existing privacy technologies can enable citizens to execute their legal rights to control their personal information in on-line transactions. It had raised considerable awareness amongst stakeholders and has significantly advanced the state of the art in the areas of privacy and identity management. PrimeLife has been building on the momentum created and the results achieved by PRIME to address emerging challenges in the areas of privacy and identity management and really bring privacy and identity management to live: A first, short-term goal of PrimeLife was to provide scalable and configurable • privacy and identity management in new and emerging internet services and ap- plications such as virtual communities and Web 2.0 collaborative applications.
    [Show full text]
  • Bulletin EATCS
    1 1 ISSN 0252–9742 Bulletin of the European Association for Theoretical Computer Science EATCS E A T C S Number 98 June 2009 1 1 2 2 2 2 3 3 C E A T C S P:G A I V P:B M G D S U K P S G T:D J B B E:M S S L A I M M I K A T N M N D P-L C F C P F J D´ S D P I Z´ É H V S U K F F N Jˇ´ S C R G F. I I A T P J K¨ F W T G R E. L USA I W G J L T N E W S E M I G W¨ T N P P: M N (1972–1977)M P (1977–1979) A S (1979–1985)G R (1985–1994) W B (1994–1997)J D´ (1997–2002) M N (2002–2006) 3 3 4 4 EATCS C M Luca Aceto . [email protected] Giorgio Ausiello . [email protected] Krzysztof Apt . [email protected] Pierre-Louis Curien . [email protected] Josep Díaz . [email protected] Zoltán Ésik . [email protected] Fedor Fomin . [email protected] Giuseppe F. Italiano . [email protected] Dirk Janssens . [email protected] Juhani Karhumäki . [email protected] Richard E. Ladner . [email protected] Jan van Leeuwen . [email protected] Eugenio Moggi . [email protected] Burkhard Monien . [email protected] Madhavan Mukund .
    [Show full text]