We have developed a privacy-aware operating system that focuses on preventing leakage of sensitive data such as personal information. The existing mandatory access control model is too restrictive for processes required to sustain the operations of user programs such as FTP and e-mail client applications. To solve this problem, the proposed approach employs two techniques. First, the operating system kernel restricts the execution of system calls only if the process could contribute to data leakage. Second, we implemented contexts: parameters or hints that facilitate the evaluation of the risk of data leakage. These contexts also determine whether the kernel allows or disallows the execution of system calls. Together, these techniques make it possible to realize a more adaptive and flexible data protection mechanism than the existing ones. This study describes the proposed approach.