A low-cost runtime-privilege changing system for shared servers

Authors:
Daisuke Hara;Yasuichi Nakayama
Affiliations:
Department of Computer Science, The University of Electro-Communications, Chofu, Tokyo, Japan;Department of Computer Science, The University of Electro-Communications, Chofu, Tokyo, Japan
Venue:
ICACT'10 Proceedings of the 12th international conference on Advanced communication technology
Year:
2010

Citing 7
Cited 0

Integrating Flexible Support for Security Policies into the Linux Operating System

Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference
Xen and the art of virtualization

SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
General Virtual Hosting via Lightweight User-Level Virtualization

SAINT '05 Proceedings of the The 2005 Symposium on Applications and the Internet
Memory resource management in VMware ESX server

OSDI '02 Proceedings of the 5th symposium on Operating systems design and implementationCopyright restrictions prevent ACM from being able to make the PDFs for this conference available for downloading
Secure and High-Performance Web Server System for Shared Hosting Service

ICPADS '06 Proceedings of the 12th International Conference on Parallel and Distributed Systems - Volume 1
A user-mode port of the linux kernel

ALS'00 Proceedings of the 4th annual Linux Showcase & Conference - Volume 4
Container-based operating system virtualization: a scalable, high-performance alternative to hypervisors

Proceedings of the 2nd ACM SIGOPS/EuroSys European Conference on Computer Systems 2007

Quantified Score

Hi-index	0.00

Visualization

Abstract

We propose a low-cost runtime-privilege changing system that solves security problems in shared servers. The main problem with a shared server operating under conventional access control, i.e., an owner/group/other in combination with a Web server that runs under the privilege of the same user is that malicious users potentially can steal, delete, or tamper with other user's files. Existing approaches solve a portion of this problem, but they either lack performance, site-number scalability, or generality. POSIX ACL and a secure OS do not ensure security by themselves. Containers and virtual machines (VMs) have low scalability and low generality because they have the overhead of virtualization and because they typically require modifying the kernel. We implemented our system for an Apache on a Linux OS and evaluated its effectiveness. Our experimental results show that the throughput with it was, on average, 0.5% lower than that with Apache and was a maximum of 4.7% lower. Our system should be used for practical Web servers because its overhead is very low.