Title: | secguard: secure and practical integrity protection model for operating systems |
Author: | Zhai Ennan
; Shen Qingni
; Wang Yonggang
; Yang Tao
; Ding Liping
; Qing Sihan
|
Source: | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
|
Conference Name: | 13th Asia-Pacific Conference on Web Technology, APWeb 2011
|
Conference Date: | April 18,
|
Issued Date: | 2011
|
Conference Place: | Beijing, China
|
Keyword: | Computer operating systems
; Network security
|
Publish Place: | Germany
|
Indexed Type: | EI
|
ISSN: | 3029743
|
ISBN: | 9783642202902
|
Department: | (1) School of Software and Microelectronics, Peking University, China; (2) Institute of Software, Chinese Academy of Sciences, China; (3) MoE Key Lab of Network and Software Assurance, Peking University, China; (4) Network and Information Security Lab, Institute of Software, Peking University, China
|
English Abstract: | Host compromise is a serious security problem for operating systems. Most previous solutions based on integrity protection models are difficult to use; on the other hand, usable integrity protection models can only provide limited protection. This paper presents SecGuard, a secure and practical integrity protection model. To ensure the security of systems, SecGuard provides provable guarantees for operating systems to defend against three categories of threats: network-based threat, IPC communication threat and contaminative file threat. To ensure practicability, SecGuard introduces several novel techniques. For example, SecGuard leverages the information of existing discretionary access control information to initialize integrity labels for subjects and objects in the system. We developed the prototype system of SecGuard based on Linux Security Modules framework (LSM), and evaluated the security and practicability of SecGuard. © 2011 Springer-Verlag Berlin Heidelberg. |
Content Type: | 会议论文
|
URI: | http://ir.iscas.ac.cn/handle/311060/14233
|
Appears in Collections: | 基础软件国家工程研究中心_会议论文
|
File Name/ File Size |
Content Type |
Version |
Access |
License |
|
secguard secure and practical integrity protection model for operating systems.pdf(203KB) | -- | -- | 限制开放 | -- | 联系获取全文 |
|
Recommended Citation: |
Zhai Ennan,Shen Qingni,Wang Yonggang,et al. secguard: secure and practical integrity protection model for operating systems[C]. 见:13th Asia-Pacific Conference on Web Technology, APWeb 2011. Beijing, China. April 18,.
|
|
|