ACM Transactions on Information and System Security (TISSEC)
Protection in operating systems
Communications of the ACM
The Theory and Practice of Concurrency
The Theory and Practice of Concurrency
TrustedBox: A Kernel-Level Integrity Checker
ACSAC '99 Proceedings of the 15th Annual Computer Security Applications Conference
Noninterference and Intrusion Detection
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Enforcing Mandatory Integrity Protection in Operating System
ICCNMC '01 Proceedings of the 2001 International Conference on Computer Networks and Mobile Computing (ICCNMC'01)
Kernel and shell based applications integrity assurance
ACSAC '97 Proceedings of the 13th Annual Computer Security Applications Conference
Preventing race condition attacks on file-systems
Proceedings of the 2005 ACM symposium on Applied computing
A Real-time Integrity Monitor for Xen Virtual Machine
ICNS '06 Proceedings of the International conference on Networking and Services
Trusted path execution for the linux 2.6 kernel as a linux security module
ATEC '04 Proceedings of the annual conference on USENIX Annual Technical Conference
Design and implementation of a TCG-based integrity measurement architecture
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
The flask security architecture: system support for diverse security policies
SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
Usable Mandatory Integrity Protection for Operating Systems
SP '07 Proceedings of the 2007 IEEE Symposium on Security and Privacy
Towards a VMM-based usage control framework for OS kernel integrity protection
Proceedings of the 12th ACM symposium on Access control models and technologies
Making information flow explicit in HiStar
OSDI '06 Proceedings of the 7th USENIX Symposium on Operating Systems Design and Implementation - Volume 7
vTPM: virtualizing the trusted platform module
USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
lmbench: portable tools for performance analysis
ATEC '96 Proceedings of the 1996 annual conference on USENIX Annual Technical Conference
Information flow control for standard OS abstractions
Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles
Manageable fine-grained information flow
Proceedings of the 3rd ACM SIGOPS/EuroSys European Conference on Computer Systems 2008
CSF '08 Proceedings of the 2008 21st IEEE Computer Security Foundations Symposium
Trojan horse resistant discretionary access control
Proceedings of the 14th ACM symposium on Access control models and technologies
An Information Flow Approach for Preventing Race Conditions: Dynamic Protection of the Linux OS
SECURWARE '10 Proceedings of the 2010 Fourth International Conference on Emerging Security Information, Systems and Technologies
Language-based information-flow security
IEEE Journal on Selected Areas in Communications
| Hi-index | 0.00 |
Protection deals with the enforcement of integrity and confidentiality. Integrity violations often lead to confidentiality vulnerabilities. This paper proposes a novel approach of Mandatory Access Control enforcement for guaranteeing a large range of integrity properties. In the literature, many integrity models are proposed such as the Biba model, data integrity, subject integrity, domain integrity and Trusted Path Execution. There can be numerous integrity models. In practice, an administrator needs to combine various integrity models. The major limitations of existing solutions deal first with the support of indirect activities aiming at violating integrity and second with the impossibility to extend existing models or even define new ones. This paper proposes a novel framework for expressing integrity requirements associated with direct or indirect activities, mostly in terms of information flows. It presents a formalization for the major integrity properties of the literature. The formalization of the required security is efficient and a straightforward enforcement is proposed. In contrast with our previous work, an information flow graph provides a dynamic analysis of the requested properties. The paper also provides a MAC implementation that enforces every integrity property supported by our formalization. Thus, a system call fails if it could violate the required security properties. A large scale experiment on high interaction honeypots shows the relevance, robustness and efficiency of our approach. This experimentation sets up two kinds of hosts. Hosts with our solution in IDS mode detect the violation of the requested properties. That IDS allows us to verify the completeness of our MAC protection. Hosts with our MAC protection guarantee all the required properties.