Brian Randell and John Rushby

Appears in 2007 Annual Computer Security Applications Conference (ACSAC 23)

Abstract

The Distributed Secure System (DSS) described in our 1983 paper proposed a new way to construct secure systems by exploiting the design freedom created by this form of distributed computing. The DSS separated the security concerns of policy enforcement from those due to resource sharing and used a variety of mechanisms (dedicated components, cryptography, periods processing, separation kernels) to manage resource sharing in ways that were simpler than before.

In this retrospective, we provide the full original text of our DSS paper, prefaced by an introductory discussion of the DSS in the context of its time, and followed by an account of the subsequent implementation and deployment of an industrial prototype of DSS, and a description of its modern interpretation in the form of the MILS architecture. We conclude by outlining current opportunities and challenges presented by this approach to security.

PDF only

Links to original paper and technical report.

Slides

PDF

BibTeX Entry

@INPROCEEDINGS{Randell&Rushby07:ACSAC,
        AUTHOR = {Brian Randell and John Rushby},
        TITLE = {Distributed Secure Systems: Then and Now},
        BOOKTITLE = {Proceedings of the Twenty-Third Annual Computer Security
                Applications Conference},
        ADDRESS = {Miami Beach, FL},
        ORGANIZATION = {IEEE Computer Society},
	PAGES = {177--198},
        YEAR = 2007,
        MONTH = dec,
	NOTE = {Invited ``Classic Paper'' presentation}
}