{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,5]],"date-time":"2024-09-05T20:57:33Z","timestamp":1725569853291},"publisher-location":"Berlin, Heidelberg","reference-count":24,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783540300076"},{"type":"electronic","value":"9783540314837"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2005]]},"DOI":"10.1007\/11580850_14","type":"book-chapter","created":{"date-parts":[[2005,12,6]],"date-time":"2005-12-06T05:50:36Z","timestamp":1133848236000},"page":"248-278","source":"Crossref","is-referenced-by-count":9,"title":["A Practical Formal Model for Safety Analysis in Capability-Based Systems"],"prefix":"10.1007","author":[{"given":"Fred","family":"Spiessens","sequence":"first","affiliation":[]},{"given":"Peter","family":"Van Roy","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"14_CR1","unstructured":"Boebert, W.E.: On the inability of an unmodified capability machine to enforce the *-property. In: Proceedings of 7th DoD\/NBS Computer Security Conference, September 1984, pp. 45\u201354 (1984), http:\/\/zesty.ca\/capmyths\/boebert.html"},{"key":"14_CR2","doi-asserted-by":"crossref","first-page":"45","DOI":"10.1145\/800215.806569","volume-title":"Proceedings of the seventh ACM symposium on Operating systems principles","author":"M. Bishop","year":"1979","unstructured":"Bishop, M., Snyder, L.: The transfer of information and authority in a protection system. In: Proceedings of the seventh ACM symposium on Operating systems principles, pp. 45\u201354. ACM Press, New York (1979)"},{"key":"14_CR3","unstructured":"Dennis, J.B., Van Horn, E.C.: Programming semantics for multiprogrammed computations. Technical Report MIT\/LCS\/TR-23, M.I.T. Laboratory for Computer Science (1965)"},{"key":"14_CR4","unstructured":"Frank, J., Bishop, M.: Extending the take-grant protection system (December 1996), Available at: http:\/\/citeseer.ist.psu.edu\/frank96extending.html"},{"issue":"4","key":"14_CR5","doi-asserted-by":"publisher","first-page":"36","DOI":"10.1145\/54289.871709","volume":"22","author":"N. Hardy","year":"1989","unstructured":"Hardy, N.: The confused deputy. ACM SIGOPS Oper. Syst. Rev\u00a022(4), 36\u201338 (1989), http:\/\/www.cap-lore.com\/CapTheory\/ConfusedDeputy.html","journal-title":"ACM SIGOPS Oper. Syst. Rev"},{"issue":"5","key":"14_CR6","doi-asserted-by":"publisher","first-page":"279","DOI":"10.1109\/32.588521","volume":"23","author":"G.J. Holzmann","year":"1997","unstructured":"Holzmann, G.J.: The model checker spin. IEEE Trans. Softw. Eng.\u00a023(5), 279\u2013295 (1997)","journal-title":"IEEE Trans. Softw. Eng."},{"issue":"8","key":"14_CR7","doi-asserted-by":"publisher","first-page":"461","DOI":"10.1145\/360303.360333","volume":"19","author":"M.A. Harrison","year":"1976","unstructured":"Harrison, M.A., Ruzzo, W.L., Ullman, J.D.: Protection in operating systems. Commun. ACM\u00a019(8), 461\u2013471 (1976)","journal-title":"Commun. ACM"},{"key":"14_CR8","unstructured":"Salzer, J.H., Schroeder, M.D.: The protection of information in computer systems. In: Fourth ACM Symposium on Operating System Principles (March 1973)"},{"key":"14_CR9","volume-title":"Secure Systems Development with UML","author":"J. J\u00fcrjens","year":"2005","unstructured":"J\u00fcrjens, J.: Secure Systems Development with UML. Springer, Berlin (2005)"},{"key":"14_CR10","unstructured":"Guttman, J.D., Herzog, J.C., Ramsdell, J.D., Sniffen, B.T.: Programming cryptographic protocols. Technical report, The MITRE Corporation. Availalbe, at http:\/\/www.ccs.neu.edu\/home\/guttman\/"},{"issue":"2","key":"14_CR11","doi-asserted-by":"publisher","first-page":"202","DOI":"10.1109\/TSE.1987.232892","volume":"13","author":"R.Y. Kain","year":"1987","unstructured":"Kain, R.Y., Landwehr, C.E.: On access checking in capability-based systems. IEEE Trans. Softw. Eng.\u00a013(2), 202\u2013207 (1987)","journal-title":"IEEE Trans. Softw. Eng."},{"issue":"3","key":"14_CR12","doi-asserted-by":"publisher","first-page":"455","DOI":"10.1145\/322017.322025","volume":"24","author":"R.J. Lipton","year":"1977","unstructured":"Lipton, R.J., Snyder, L.: A linear time algorithm for deciding subject security. J. ACM\u00a024(3), 455\u2013464 (1977)","journal-title":"J. ACM"},{"key":"14_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"224","DOI":"10.1007\/978-3-540-40965-6_15","volume-title":"Advances in Computing Science \u2013 ASIAN 2003. Progamming Languages and Distributed Computation Programming Languages and Distributed Computation","author":"M.S. Miller","year":"2003","unstructured":"Miller, M.S., Shapiro, J.: Paradigm regained: Abstraction mechanisms for access control. In: Saraswat, V.A. (ed.) ASIAN 2003. LNCS, vol.\u00a02896, pp. 224\u2013242. Springer, Heidelberg (2003)"},{"key":"14_CR14","unstructured":"Miller, M., Stiegler, M., Close, T., Frantz, B., Yee, K.-P., Morningstar, C., Shapiro, J., Hardy, N., Tribble, E.D., Barnes, D., Bornstien, D., Wilcox-O\u2019Hearn, B., Stanley, T., Reid, K., Bacon, D.: E: Open source distributed capabilities (2001), Available at http:\/\/www.erights.org"},{"key":"14_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"2","DOI":"10.1007\/978-3-540-31845-3_2","volume-title":"Multiparadigm Programming in Mozart\/Oz","author":"M.S. Miller","year":"2005","unstructured":"Miller, M.S., Tulloh, B., Shapiro, J.S.: The structure of authority: Why security is not a separable concern. In: Van Roy, P. (ed.) MOZ 2004. LNCS, vol.\u00a03389, pp. 2\u201320. Springer, Heidelberg (2005)"},{"issue":"2","key":"14_CR16","first-page":"145","volume":"9","author":"M. Nielsen","year":"2002","unstructured":"Nielsen, M., Palamidessi, C., Valencia, F.D.: Temporal concurrent constraint programming: denotation, logic and applications. Nordic J. of Computing\u00a09(2), 145\u2013188 (2002)","journal-title":"Nordic J. of Computing"},{"key":"14_CR17","unstructured":"Quesada, L., Van Roy, P., Deville, Y.: The reachability propagator. Research Report INFO-2005-07, Universit\u00e9 catholique de Louvain, Louvain-la-Neuve, Belgium (2005)"},{"key":"14_CR18","unstructured":"Reich, S.: Escape from mutlithreaded hell. concurrency in the language \u201ce\u201d (March 2003), Presentation available at: http:\/\/www.drjava.de\/e-presentation\/html-english\/img0.html"},{"key":"14_CR19","doi-asserted-by":"crossref","DOI":"10.7551\/mitpress\/2086.001.0001","volume-title":"Concurrent Constraint Programming","author":"V.A. Saraswat","year":"1993","unstructured":"Saraswat, V.A.: Concurrent Constraint Programming. MIT Press, Cambridge (1993)"},{"key":"14_CR20","doi-asserted-by":"publisher","first-page":"272","DOI":"10.1145\/199448.199513","volume-title":"POPL 1995: Proceedings of the 22nd ACM SIGPLAN-SIGACT symposium on Principles of programming languages","author":"V.A. Saraswat","year":"1995","unstructured":"Saraswat, V.A., Jagadeesan, R., Gupta, V.: Default timed concurrent constraint programming. In: POPL 1995: Proceedings of the 22nd ACM SIGPLAN-SIGACT symposium on Principles of programming languages, pp. 272\u2013285. ACM Press, New York (1995)"},{"key":"14_CR21","unstructured":"Spiessens, F., Miller, M., Van Roy, P., Shapiro, J.: Authority Reduction in Protection Systems. Available at (2004), http:\/\/www.info.ucl.ac.be\/people\/fsp\/ARS.pdf"},{"key":"14_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"21","DOI":"10.1007\/978-3-540-31845-3_3","volume-title":"Multiparadigm Programming in Mozart\/Oz","author":"F. Spiessens","year":"2005","unstructured":"Spiessens, F., Van Roy, P.: The oz-E project: Design guidelines for a secure multiparadigm programming language. In: Van Roy, P. (ed.) MOZ 2004. LNCS, vol.\u00a03389, pp. 21\u201340. Springer, Heidelberg (2005)"},{"key":"14_CR23","series-title":"Lecture Notes in Computer Science","volume-title":"A practical formal model for safety analysis in Capability-Based systems","author":"F. Spiessens","year":"2005","unstructured":"Spiessens, F., Van Roy, P.: A practical formal model for safety analysis in Capability-Based systems. LNCS. Springer, Heidelberg (2005) Available at http:\/\/www.info.ucl.ac.be\/people\/fsp\/tgc\/tgc05fs.pdf , Presentation available at http:\/\/www.info.ucl.ac.be\/people\/fsp\/auredsysfinal.mov"},{"key":"14_CR24","volume-title":"Concepts, Techniques, and Models of Computer Programming","author":"P. Roy Van","year":"2004","unstructured":"Van Roy, P., Haridi, S.: Concepts, Techniques, and Models of Computer Programming. MIT Press, Cambridge (2004)"}],"container-title":["Lecture Notes in Computer Science","Trustworthy Global Computing"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/11580850_14","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,4,11]],"date-time":"2020-04-11T10:58:31Z","timestamp":1586602711000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/11580850_14"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2005]]},"ISBN":["9783540300076","9783540314837"],"references-count":24,"URL":"https:\/\/doi.org\/10.1007\/11580850_14","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2005]]}}}