DCAC is a practical OS-level access control system that supports application-defined principals. It allows normal users to perform administrative operations within their privilege, enabling isolation and privilege separation for applications. It does not require centralized policy specification or management, giving applications freedom to manage their principals while the policies are still enforced by the OS. DCAC uses hierarchically-named attributes as a generic framework for user-defined policies such as groups defined by normal users. For both local and networked file systems, its execution time overhead is between 0%-9% on file system microbenchmarks, and under 1% on applications. This paper shows the design and implementation of DCAC, as well as several real-world use cases, including sandboxing applications, enforcing server applications' security policies, supporting NFS, and authenticating user-defined sub-principals in SSH, all with minimal code changes.
Development of a User-Friendly System for Image Processing of Electron Microscopy by Integrating a Web Browser and PIONE With EosT Tsukamoto et al. Microscopy (Oxf) 63 Suppl 1, i32-i33. PMID 25359837.Eos (Extensible object-oriented system) is one of the powerful applications for image processing of electron micrographs. In usual cases, Eos works with only character us …
Access Control Based on Attribute Certificates for Medical Intranet ApplicationsI Mavridis et al. J Med Internet Res 3 (1), E9. PMID 11720951.Access control in clinical intranet applications can be successfully and securely managed through the use of digital certificates and the DIMEDAC security policy.
Breaking and Fixing Origin-Based Access Control in Hybrid Web/Mobile Application FrameworksM Georgiev et al. NDDS Symp 2014, 1-15. PMID 25485311.Hybrid mobile applications (apps) combine the features of Web applications and "native" mobile apps. Like Web applications, they are implemented in portable, platform-ind …
National Tuberculosis Programme Review: Experience Over the Period 1990-95A Pio et al. Bull World Health Organ 75 (6), 569-81. PMID 9509630. - ReviewSince 1990 the WHO Global Tuberculosis Programme (GTB) has promoted the revision of national tuberculosis programmes to strengthen the focus on directly observed treatmen …
Surgical Model-View-Controller Simulation Software Framework for Local and Collaborative ApplicationsA Maciel et al. Int J Comput Assist Radiol Surg 6 (4), 457-71. PMID 20714933. - ReviewA decoupled simulation approach can be implemented as a framework to handle simultaneous processes of the system at the various frame rates each process requires. The fra …