Integrating Flexible Support for Security Policies into the Linux Operating System
Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference
Application-Driven Optimization of VLIW Architectures: A Hardware-Software Approach
RTAS '05 Proceedings of the 11th IEEE Real Time on Embedded Technology and Applications Symposium
The flask security architecture: system support for diverse security policies
SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
Hardware scheduling support in SMP architectures
Proceedings of the conference on Design, automation and test in Europe
Task management in MPSoCs: an ASIP approach
Proceedings of the 2009 International Conference on Computer-Aided Design
Securing Android-Powered Mobile Devices Using SELinux
IEEE Security and Privacy
| Hi-index | 0.00 |
As computing and communications increasingly pervade our lives, security and protection of sensitive data and systems are emerging as extremely important issues. This is especially true for embedded systems, often operating in non-secure environments, and with limited amount of computational, storage, and communication resources available. In servers and desktop systems, Security Enhanced Linux (SELinux) is currently used as a method to enhance security by enforcing a security control based on policies that confine user programs, or processes, to the minimum amount of privileges that they require for their execution. While providing a powerful mean for enhancing security in UNIX-like systems, SELinux still remains a feature that is too heavy to be fully supported by constrained devices. In this paper, we propose a hardware architecture for enhancing security and accelerating retrieval and applications of SELinux policies in embedded processors. We describe the general ideas behind our work, discussing motivations, advantages, and limits of the solution proposed, while suggesting the main steps needed to implement the described architecture on common embedded processors.