| 题名: | secguard: secure and practical integrity protection model for operating systems |
| 作者: | Zhai Ennan
; Shen Qingni
; Wang Yonggang
; Yang Tao
; Ding Liping
; Qing Sihan
|
| 会议文集: | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
|
| 会议名称: | 13th Asia-Pacific Conference on Web Technology, APWeb 2011
|
| 会议日期: | April 18,
|
| 出版日期: | 2011
|
| 会议地点: | Beijing, China
|
| 关键词: | Computer operating systems
; Network security
|
| 出版地: | Germany
|
| 收录类别: | EI
|
| ISSN: | 3029743
|
| ISBN: | 9783642202902
|
| 部门归属: | (1) School of Software and Microelectronics, Peking University, China; (2) Institute of Software, Chinese Academy of Sciences, China; (3) MoE Key Lab of Network and Software Assurance, Peking University, China; (4) Network and Information Security Lab, Institute of Software, Peking University, China
|
| 英文摘要: | Host compromise is a serious security problem for operating systems. Most previous solutions based on integrity protection models are difficult to use; on the other hand, usable integrity protection models can only provide limited protection. This paper presents SecGuard, a secure and practical integrity protection model. To ensure the security of systems, SecGuard provides provable guarantees for operating systems to defend against three categories of threats: network-based threat, IPC communication threat and contaminative file threat. To ensure practicability, SecGuard introduces several novel techniques. For example, SecGuard leverages the information of existing discretionary access control information to initialize integrity labels for subjects and objects in the system. We developed the prototype system of SecGuard based on Linux Security Modules framework (LSM), and evaluated the security and practicability of SecGuard. © 2011 Springer-Verlag Berlin Heidelberg. |
| 内容类型: | 会议论文
|
| URI标识: | http://ir.iscas.ac.cn/handle/311060/14233
|
| Appears in Collections: | 基础软件国家工程研究中心_会议论文
|
| File Name/ File Size |
Content Type |
Version |
Access |
License |
|
|---|
| secguard secure and practical integrity protection model for operating systems.pdf(203KB) | -- | -- | 限制开放 | -- | 联系获取全文 |
|
| Recommended Citation: | |
Zhai Ennan,Shen Qingni,Wang Yonggang,et al. secguard: secure and practical integrity protection model for operating systems[C]. 见:13th Asia-Pacific Conference on Web Technology, APWeb 2011. Beijing, China. April 18,.
|
|
|
