Reusability of Functionality-Based Application Confinement Policy Abstractions

Authors:
Z. Cliffe Schreuders;Christian Payne
Affiliations:
School of IT, Murdoch University, Murdoch, Australia WA 6150;School of IT, Murdoch University, Murdoch, Australia WA 6150
Venue:
ICICS '08 Proceedings of the 10th International Conference on Information and Communications Security
Year:
2008

Citing 29
Cited 2

Role-Based Access Control Models

Computer
Support for discretionary role based access control in ACL-oriented operating systems

RBAC '97 Proceedings of the second ACM workshop on Role-based access control
Requirements of role-based access control for collaborative systems

RBAC '95 Proceedings of the first ACM Workshop on Role-based access control
Proposed NIST standard for role-based access control

ACM Transactions on Information and System Security (TISSEC)
Taking advantage of Linux capabilities

Linux Journal
Separation of Duty in Role-based Environments

CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
Application and analysis of the virtual machine approach to information system security and isolation

Proceedings of the workshop on virtual computer systems
Practical Domain and Type Enforcement for UNIX

SP '95 Proceedings of the 1995 IEEE Symposium on Security and Privacy
Janus: an Approach for Confinement of Untrusted Applications

Janus: an Approach for Confinement of Untrusted Applications
Behavior-based Confinement of Untrusted Applications

Behavior-based Confinement of Untrusted Applications
.NET Security and Cryptography

.NET Security and Cryptography
Towards a formal model for security policies specification and validation in the selinux system

Proceedings of the ninth ACM symposium on Access control models and technologies
Building Systems to Be Shared, Securely

Queue - Virtual Machines
SubDomain: Parsimonious Server Security

LISA '00 Proceedings of the 14th USENIX conference on System administration
Object capabilities for security

Proceedings of the 2006 workshop on Programming languages and analysis for security
Empirical privilege profiling

NSPW '05 Proceedings of the 2005 workshop on New security paradigms
Polaris: virus-safe computing for Windows XP

Communications of the ACM - Privacy and security in highly dynamic systems
Pastures: Towards Usable Security Policy Engineering

ARES '07 Proceedings of the The Second International Conference on Availability, Reliability and Security
Make least privilege a right (not a privilege)

HOTOS'05 Proceedings of the 10th conference on Hot Topics in Operating Systems - Volume 10
MAPbox: using parameterized behavior classes to confine untrusted applications

SSYM'00 Proceedings of the 9th conference on USENIX Security Symposium - Volume 9
Analyzing integrity protection in the SELinux example policy

SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Improving host security with system call policies

SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Usable Mandatory Integrity Protection for Operating Systems

SP '07 Proceedings of the 2007 IEEE Symposium on Security and Privacy
Going beyond the sandbox: an overview of the new security architecture in the javaTM development Kit 1.2

USITS'97 Proceedings of the USENIX Symposium on Internet Technologies and Systems on USENIX Symposium on Internet Technologies and Systems
TRON: process-specific file protection for the UNIX operating system

TCON'95 Proceedings of the USENIX 1995 Technical Conference Proceedings
A secure environment for untrusted helper applications confining the Wily Hacker

SSYM'96 Proceedings of the 6th conference on USENIX Security Symposium, Focusing on Applications of Cryptography - Volume 6
Bitfrost: the one laptop per child security model

Proceedings of the 3rd symposium on Usable privacy and security
Practical Proactive Integrity Preservation: A Basis for Malware Defense

SP '08 Proceedings of the 2008 IEEE Symposium on Security and Privacy
The structure of authority: why security is not a separable concern

MOZ'04 Proceedings of the Second international conference on Multiparadigm Programming in Mozart/Oz

Empowering End Users to Confine Their Own Applications: The Results of a Usability Study Comparing SELinux, AppArmor, and FBAC-LSM

ACM Transactions on Information and System Security (TISSEC)
Towards Usable Application-Oriented Access Controls: Qualitative Results from a Usability Study of SELinux, AppArmor and FBAC-LSM

International Journal of Information Security and Privacy

Quantified Score

Hi-index	0.00

Visualization

Abstract

Traditional access control models and mechanisms struggle to contain the threats posed by malware and software vulnerabilities as these cannot differentiate between processes acting on behalf of users and those posing threats to users' security as every process executes with the full set of the user's privileges. Existing application confinement schemes attempt to address this by limiting the actions of particular processes. However, the management of these mechanisms requires security-specific expertise which users and administrators often do not possess. Further, these models do not scale well to confine the large number of applications found on functionality-rich contemporary systems. This paper describes how the principles of role-based access control (RBAC) can be applied to the problem of restricting an application's behaviour. This approach provides a more flexible, scalable and easier to manage confinement paradigm that requires far less in terms of user expertise than existing schemes. Known as functionality-based application confinement (FBAC), this model significantly mitigates the usability limitations of existing approaches. We present a case study of a Linux-based implementation of FBAC known as FBAC-LSM and demonstrate the flexibility and scalability of the FBAC model by analysing policies for the confinement of four different web browsers.