Institutional Repository
| secguard: secure and practical integrity protection model for operating systems | |
| Zhai Ennan; Shen Qingni; Wang Yonggang; Yang Tao; Ding Liping; Qing Sihan | |
| 2011 | |
| 会议名称 | 13th Asia-Pacific Conference on Web Technology, APWeb 2011 |
| 会议录名称 | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
| 页码 | 370-375 |
| 会议日期 | April 18, |
| 会议地点 | Beijing, China |
| 收录类别 | EI |
| 出版地 | Germany |
| ISSN | 3029743 |
| ISBN | 9783642202902 |
| 部门归属 | (1) School of Software and Microelectronics, Peking University, China; (2) Institute of Software, Chinese Academy of Sciences, China; (3) MoE Key Lab of Network and Software Assurance, Peking University, China; (4) Network and Information Security Lab, Institute of Software, Peking University, China |
| 摘要 | Host compromise is a serious security problem for operating systems. Most previous solutions based on integrity protection models are difficult to use; on the other hand, usable integrity protection models can only provide limited protection. This paper presents SecGuard, a secure and practical integrity protection model. To ensure the security of systems, SecGuard provides provable guarantees for operating systems to defend against three categories of threats: network-based threat, IPC communication threat and contaminative file threat. To ensure practicability, SecGuard introduces several novel techniques. For example, SecGuard leverages the information of existing discretionary access control information to initialize integrity labels for subjects and objects in the system. We developed the prototype system of SecGuard based on Linux Security Modules framework (LSM), and evaluated the security and practicability of SecGuard. © 2011 Springer-Verlag Berlin Heidelberg. |
| 关键词 | Computer Operating Systems Network Security |
| 内容类型 | 会议论文 |
| URI标识 | http://ir.iscas.ac.cn/handle/311060/14233 |
| 专题 | 基础软件国家工程研究中心 |
| 推荐引用方式 GB/T 7714 | Zhai Ennan,Shen Qingni,Wang Yonggang,et al. secguard: secure and practical integrity protection model for operating systems[C]. Germany,2011:370-375. |
| 条目包含的文件 | ||||||
| 文件名称/大小 | 文献类型 | 版本类型 | 开放类型 | 使用许可 | ||
| secguard secure and (203KB) | 开放获取 | -- | 请求全文 | |||
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。
修改评论