NETWORK INFORMATION SERVICE Certains programmes comme login, ftp, rsh, doivent être liés statiquement, donc il faut installer les nouvelles versions de ces programmes adaptées au NIS ,
master " NIS est un point faible du système (on ne peut pas mettre à jour l'information dans NIS pendant un crash du server ,
il faut être root pour modifier une entrée dans NIS. Pour changer son mot de passe l'utilisateur appelle un programme SUID qui lui permet uniquement de changer son mot de passe. Il n'a plus la possibilité de changer son shell ou l'entrée dit gecos ; les programmes SUID sont normalement très compliqués et Sun a préféré de garder les programmes simples, ils ont eu beaucoup problèmes avec la fonction de changement de shell au début, alors ils ont renoncé à étendre la fonctionalité de NIS) ,
An Algorithm for the Organization of Information Traduit en anglais dans " Soviet Math, Dokl. Akad. Nauk SSR, vol.146, issue.3, pp.263-266, 1962. ,
Security Kernel Design and Implementation: An Introduction, Computer, vol.16, issue.7, pp.14-22, 1985. ,
DOI : 10.1109/MC.1983.1654439
Design of a message processing system for a multilevel secure environment, dans Proceedings of AFIPS National Computer Conference, pp.765-771, 1978. ,
A Password-Capability System, The Computer Journal, vol.29, issue.1, pp.1-8, 1986. ,
DOI : 10.1093/comjnl/29.1.1
Distributed Access-Rights Management with Delegation Certificates, Vitek et C. Jensen, éditeurs, Secure Internet Programming, numéro 1603 dans Lecture Notes in Computer Science, pp.211-236, 1999. ,
DOI : 10.1007/3-540-48749-2_9
Raptor Firewall 6.0 White Paper, Rapport technique, 1999. ,
Objectifs et plan de travail du projet Sirac, Rapport technique Sirac 1?95, Laboratoire IMAG?LSR, 1995. ,
Construction des systèmes d'exploitation répartis, Institut National de Recherche en Informatique et Automatique, 1991. ,
Wide-address spaces, ACM SIGOPS Operating Systems Review, vol.27, issue.1, pp.11-17, 1993. ,
DOI : 10.1145/160551.160552
Secure Computer Systems : Mathematical Foundations, Rapport technique 2547, Volume I, The MITRE Corporation, 1973. ,
Secure Computer Systems : A Mathematical Model, Rapport technique 2547, Volume II, The MITRE Corporation, 1973. ,
Construction et Configuration d'Applications réparties, 1997. ,
Integrity Considerations for Secure Computer Systems, Rapport technique, US Air Force Electronic Systems Division, 1977. ,
Implementing remote procedure calls, ACM Transactions on Computer Systems, vol.2, issue.1, pp.39-59, 1984. ,
DOI : 10.1145/2080.357392
Myrinet: a gigabit-per-second local area network, Myrinet ? A Gigabit?per?Second Local?Area Network, pp.29-36, 1995. ,
DOI : 10.1109/40.342015
The Chinese Wall security policy, Proceedings. 1989 IEEE Symposium on Security and Privacy, pp.329-339, 1989. ,
DOI : 10.1109/SECPRI.1989.36295
Maßnahmenempfehlungen für den mittleren Schutzbedarf , numéro 7252 CD dans BSI, Bundesamt für Sicherheit in der Informationstechnik, 1997. ,
Terminator 2 : Judgement Day, 1991. ,
Active Capability : A Unified Security Model for Supporting Mobile, Dynamic and Application Specific Delegation, Rapport technique, 1996. ,
Implementation and performance of Munin, dans Proceedings of the 13th ACM Symposium on Operating Systems Principles, pp.152-164, 1991. ,
Security versus performance tradeoffs in RPC implementations for safe language systems, Proceedings of the 8th ACM SIGOPS European workshop on Support for composing distributed applications , EW 8, pp.158-162, 1998. ,
DOI : 10.1145/319195.319219
Sharing and Protection in a Single Address Space Operating System Supporting Distribution in Single-Address Space Operating Systems Opal : A Single Address Space System for 64-Bit Architectures, dans Proceedings of IEEE Workshop on Workstation Operating Systems, avril 1992. [CheckPoint99] C. Point, Check Point FireWall?1 : Technical Overview, Rapport technique P/N 31400000010, Check Point, avril 1999 A Comparison of Commercial and Military Computer Security Policies Construction de protocoles de cohérence sur une interface générique de mémoire répartie partagée Generic Support for Synchronization and Consistency in Arias, dans 5th A security model for cooperative work, An Operating System Structure for Wide-Address Architectures Proceedings of the 5th ACM SIGOPS European Workshop Proceedings of the IEEE Symposium on Security and Privacy dans Journées sur la Mémoire Partagée Répartie (MPR'96), Bordeaux, mai 1996. [Cortes96b] E. Pérez?Cortés, La cohérence sur mesure dans une mémoire virtuelle partagée répartie Workshop on Hot Topics in Operating SystemsCortes95b] E. Pérez?Cortés, Cohérence et synchronization dans une mémoire virtuelle partagée répartie, Rapport technique Sirac 3?95, Laboratoire IMAG?LSR, octobre 1995. [Coulouris94a] G. Coulouris et J. Dollimore, Requirements for security in cooperative work : two case studies, Rapport technique 671 Grasshopper : An Orthogonally Persistent Operating System, Computing Systems, pp.271-307, 1987. ,
A lattice model of secure information flow, Communications of the ACM, vol.19, issue.5, pp.236-243, 1976. ,
DOI : 10.1145/360051.360056
Programming semantics for multiprogrammed computations, Communications of the ACM, vol.9, issue.3, pp.143-155, 1966. ,
DOI : 10.1145/365230.365252
New directions in cryptography, IEEE Transactions on Information Theory, vol.22, issue.6, pp.644-654, 1976. ,
DOI : 10.1109/TIT.1976.1055638
Transparent Process Migration : Design Alternatives and the Sprite Implementation, Software ? Practice and Experience, pp.757-785, 1991. ,
Asynchronous Transfer Mode (ATM) Technical Overview, 1995. ,
The Limited Performance Benefits of Migrating Active Processes for Load Sharing, Proceedings of the 1988 ACM SIGMETRICS Conference on Measurement and Modelling of Computer Systems, pp.63-72, 1988. ,
1999 CSI/FBI Computer Crime and Security Survey, Computer Security : Issues & Trends, vol.V, No. I, 1999. ,
INTERNET-DRAFT <draft-ietf-spki-cert-theory-05.txt>, Internet Engineering Task Force (IETF), mai 1999, Disponible sur le site web de l'IETF, URL="http ://www.ietf.org/internet-drafts/draft-ietf-spki-cert Simple Public Key Certificate, INTERNET-DRAFT <draft-ietf-spki-cert-structure-05.txt>, Internet Engineering Task Force (IETF), mars, Disponible sur le site web de l'IETF, pp.403-412, 1974. ,
Implementing Global Memory Management in a Workstation Cluster, Proceedings of the 15th ACM Symposium on Operating System Principles, pp.201-212, 1995. ,
The Foundations of a Provably Secure Operating System (PSOS), dans Proceedings of AFIPS National Computer Conference, pp.329-334, 1979. ,
A role-based access control model and reference implementation within a corporate intranet, ACM Transactions on Information and System Security, vol.2, issue.1, 1999. ,
DOI : 10.1145/300830.300834
A Load Index for Dynamic Load Balancing, dans Proceedings og 1986 Fall Joint Computer Conference, 1986. ,
Architecture and implementation of MEMORY CHANNEL, Digital Technical Journal, vol.9, issue.1, pp.27-41, 1997. ,
The SSL Protocol : Version 3.0, INTERNET-DRAFT <draft-freier-ssl-version3-02, txt>, Internet Engineering Task Force (IETF), 1996. ,
Building a Secure Computer System, 1988. ,
CORBA : des concepts à la pratique, 1997. ,
On security in capability-based systems, ACM SIGOPS Operating Systems Review, vol.23, issue.2, 1989. ,
DOI : 10.1145/858344.858349
A Secure Identity?Based Capability System, Proceedings of the IEEE Symposium on Security and Privacy, pp.56-63, 1989. ,
A Protection Scheme for a CORBA Environmen, 1997. ,
A Protection Scheme for Mobile Agents on Java, 3rd ACM/IEEE International Conference on Mobile Computing and Networking (MOBICOM), 1997. ,
Saunier, La protection dans un service de gestion de données persistantes partagées, Rapport technique Sirac 6?95, Laboratoire IMAG?LSR, octobre 1995 Conception et réalisation d'une mémoire partagée répartie Protection in Operating Systems Implementation and Performance of the Mungi Single-Address-Space Operating System, Software : Practice and Experience A Distributed Single Address-Space Operating System Supporting Persistence, Rapport technique Standard 1596, The Institute of Electrical and Electronics Engineering Rapport technique, The Institute of Electrical and Electronics Engineering, Hidden Software Capabilities, dans 16th International Conference on Distributed Computing Systems Mungi : A Distributed Single Address-Space Operating System, dans Proceedings of the 17th Australasian Computer Science ConfISO15408] Les Critères Communs d'évaluation de la sécurité des technologies de l'information, numéro 15408 dans Norme internationale ISO, International Standards Organisation (ISO), juin 1999. [Issarny97] V. Issarny, Configuration-Based Programming Systems, dans F. Plasil et K. G. Jeffery, éditeurs, Proceedings of SOFSEM'97 : Theory and Practice of Informatics, volume LNCS 1338ITSEC91] Information Technology Security Evaluation Criteria, European Comunities, juin 1991. [ITU93] T. S. S. of ITU, Information Technology ? Opens Systems Interconnection ? The Directory : Authentication Framework, numéro X.509 dans ITU?T Recomandation, pp.282-289461, 1976. ,
Protection reconfiguration for reusable software, Proceedings of the Second Euromicro Conference on Software Maintenance and Reengineering, pp.74-81, 1998. ,
DOI : 10.1109/CSMR.1998.665751
Protection Wrappers : A Simple and Portable Sandbox for Untrusted Applications, Proceedings of the 8th ACM SIGOPS European workshop, pp.104-110, 1998. ,
Capability Based Protection for Hosting Mobile Code, dans Proceedings of the 2nd European Research Seminar on Advances in Distributed Systems, pp.234-240, 1997. ,
Reducing Complexity of Distributed Application Protection, Presenté au 4th Cabernet Radicals Workshop, 1997. ,
Premier ministre, à l'issue du Comité interministériel pour la société de l'information, Hôtel de Matignon, Conférence de presse, janvier 1999, Disponible sur le web ,
On Access Checking in Capability?Based Systems, dans Proceedings of the IEEE Symposium on Security and Privacy, 1986. ,
An Augmented Capability Architecture to Support Lattice Security and Traceability of Access, 1984 IEEE Symposium on Security and Privacy, 1984. ,
DOI : 10.1109/SP.1984.10001
CVM : The Coherent Virtual Machine, 1996. ,
ThreadMarks : Distributed shared memory on standard workstations and operating systems, Proceedings of the Winter 1994 USENIX Conference, pp.115-132, 1994. ,
Designing Component?Based Applications, 1998. ,
Conception et réalisation d'un système de stockage fiable extensible pour un système à objets persistants répartis, 1996. ,
The Art of Computer Programming, Volume III, chapitre Searching Global Management of Coherent Shared Memory on a SCI Cluster, Proc. SCIEurope'98, a Conference Stream of EMMSEC'98, pp.458-478, 1998. ,
The Kerberos Network Authentication Service Architectural Support for Single Address Space Operating Systems The Expected Lifetime of Single?Address?Space Operating Systems The influence of Different Workload Descriptions on a Heuristic Load Balancing Scheme Authentication in Distributed Systems : Theory and Practice, Request for Comments (RFC) 1510, Network Working Group Proceedings of the 5th International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS), octobre 1992 dans Proceedings of SIGMETRICS '94Lai92] X. Lai, On the Design and Security of Block Ciphers, Hartung?GorreLampson81] B. W. Lampson, Distributed Systems ? architecture and Implementation, chapitre Atomic Transactions numéro 105 dans Lecture Notes in Computer Science Lampson, A Note on the Confinement Problem Proceedings of the 5th Princeton Symposium on Information Sciences and Systems, pp.161-170, 1971. ,
Memory coherence in shared virtual memory systems, Condor : A Hunter of Idle WorkstationsLomet77] D. B. Lomet, Process Structuring, Synchronization, and Recovery Using Atomic Actions, SIGPLAN Notices, pp.247-278321, 1977. ,
KSOS : The Design of a Secure Operating System Getting Down to Business With Mobile Code White House Web site shut down, MSNBC, 12 mai, Escaping the Evils of Centralized Control with self?certifying pathnames, dans Proceedings of the 8th ACM SIGOPS European workshop dans Proceedings of AFIPS National Computer Conference The Design and Implementation of the 4.4 BSD Operating System Disponible sur le web Boyle, et B. Sullivan, Hack attack knocks out FBI site, MSNBC Disponible sur le web, pp.118-125, 1979. ,
Angel : Resource Unification in a 64?bit Micro?Kernel Design and Implementation of an Object?Orientated 64?bit Single Address Space Microkernel Using Encryption for Authentication in Large Networks of Computers The Cambridge CAP Computer and its protection system, Proceedings of th 27th Hawaii International Conference on System Science dans 2nd USENIX Symposium on Microkernels and other Kernel Architectures dans Proceedings of the 6th ACM Symposium on Operating Systems Principles (SOSP) Provably Secure Operating System : The System, its Applications, and Proofs, Rapport technique, SRI International, février 1977. [Nicomette96] V. Nicomette, La protection dans les systèmes à objets répartis Proceedings of Network?Based Parallel Computing, Communication, Architecture, and Applications (CANPC'98), volume 1362 de Lecture Notes in Computer Science, pp.993-999, 1977. ,
Chaffing and Winnowing : Confidentiality without Encryption, 1998. ,
A method for obtaining digital signatures and public-key cryptosystems, Communications of the ACM, vol.21, issue.2, pp.120-126, 1978. ,
DOI : 10.1145/359340.359342
Access control: The neglected frontier, Proceedings of the First Australasian Conference on Information Security and Privacy, 1996. ,
DOI : 10.1007/BFb0023301
Lattice-based access control models, Computer, vol.26, issue.11, pp.9-19, 1993. ,
DOI : 10.1109/2.241422
Protection d'une mémoire virtuelle répartie par capacités implicites, 1996. ,
Service de Protection d'une Mémoire Virtuelle Répartie, Journée des Jeunes Chercheurs, Réseau Doctoral en Architecture des Systèmes et des Machines Informatiques ,
Efficient signature generation by smart cards, Journal of Cryptology, vol.4, issue.3, pp.161-174, 1991. ,
DOI : 10.1007/BF00196725
Recommandations d'installation des sites et systèmes des informations sensibles ne relevant pas du secret de défense protection des informations sensibles contre les signaux compromettants, 1991. ,
EROS : A Capability System, 1999. ,
Structure and Encapsulation in Distributed Systems : The Proxy Principle, Proceedings of the 6th International Conference on Distributed Computing Systems, pp.198-204, 1986. ,
Formal Models of Capability-Based Protection Systems, IEEE Transactions on Computers, vol.30, issue.3, pp.172-181, 1981. ,
DOI : 10.1109/TC.1981.1675753
SecurWare Netwall Version 3.3, Rapport technique, Disponible sur le web, 1998. ,
Wide Area File Services and the AFS Experimental System, Unix Review, vol.7, issue.3, 1989. ,
Kerberos : An Authentication Service for Open Network Systems, dans USENIX Conference Proceedings, pp.191-202, 1988. ,
Experiences with the Amoeba distributed operating system, Experiences with the Amoeba Distributed Operating System, pp.46-63, 1990. ,
DOI : 10.1145/96267.96281
Conceptual Foundation for a Model of Task-based Authorisations, dans Proceedings of the 7th IEEE Computer Security Foundations Workshop, pp.66-79, 1994. ,
The UNIX Timesharing System, Communications of the ACM, vol.17, issue.7, pp.365-375, 1974. ,
An Extensible Framework for Authentication and Delegation, Master's thesis, 1994. ,
1993, A version of this article is available as Technical, Capability?Based Protection in the Mungi Operating System, dans Proceedings of the 3rd IWOOS, pp.108-115, 1993. ,
A Capability?Based Operating System for Java, Vitek et C. Jensen, éditeurs, Secure Internet Programming, numéro 1603 dans Lecture Notes in Computer Science, pp.369-394, 1999. ,
Efficient Software?Based Fault Isolation, dans Proceedings of the 14th ACM Symposium on Operating System Principles (SOSP'93), pp.203-216, 1993. ,
Security Controls in the ADEPT?50 Time Sharing System, dans Proceedings of AFIPS Fall Joint Computer Conference, pp.119-135, 1969. ,
Extensible, flexible and secure services in Angel, a single address space operating system, Proceedings 1st International Conference on Algorithms and Architectures for Parallel Processing, 1995. ,
DOI : 10.1109/ICAPP.1995.472264
Authentication in the Taos operating system, Authentication in the Taos Operating System, pp.3-32, 1994. ,
DOI : 10.1145/174613.174614
Utopia : A load sharing system for large, heterogeneous distributed computer systems, CSRI Technical Report, vol.257, 1991. ,
The Official PGP User's Guide, 1995. ,