Multilevel security in the UNIX tradition
Software—Practice & Experience
A decentralized model for information flow control
Proceedings of the sixteenth ACM symposium on Operating systems principles
JFlow: practical mostly-static information flow control
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A lattice model of secure information flow
Communications of the ACM
Protecting privacy using the decentralized label model
ACM Transactions on Software Engineering and Methodology (TOSEM)
Integrating Flexible Support for Security Policies into the Linux Operating System
Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference
Proceedings of the 11th USENIX Security Symposium
Linux Security Modules: General Security Support for the Linux Kernel
Proceedings of the 11th USENIX Security Symposium
Practical Domain and Type Enforcement for UNIX
SP '95 Proceedings of the 1995 IEEE Symposium on Security and Privacy
LOMAC: Low Water-Mark Integrity Protection for COTS Environments
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
SubDomain: Parsimonious Server Security
LISA '00 Proceedings of the 14th USENIX conference on System administration
Preventing privilege escalation
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Improving host security with system call policies
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Privtrans: automatically partitioning programs for privilege separation
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Usable Mandatory Integrity Protection for Operating Systems
SP '07 Proceedings of the 2007 IEEE Symposium on Security and Privacy
Making information flow explicit in HiStar
OSDI '06 Proceedings of the 7th USENIX Symposium on Operating Systems Design and Implementation - Volume 7
Taint-enhanced policy enforcement: a practical approach to defeat a wide range of attacks
USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
A secure environment for untrusted helper applications confining the Wily Hacker
SSYM'96 Proceedings of the 6th conference on USENIX Security Symposium, Focusing on Applications of Cryptography - Volume 6
A domain and type enforcement UNIX prototype
SSYM'95 Proceedings of the 5th conference on USENIX UNIX Security Symposium - Volume 5
Information flow control for standard OS abstractions
Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles
Labels and event processes in the Asbestos operating system
ACM Transactions on Computer Systems (TOCS)
From trusted to secure: building and executing applications that enforce system security
ATC'07 2007 USENIX Annual Technical Conference on Proceedings of the USENIX Annual Technical Conference
Practical Proactive Integrity Preservation: A Basis for Malware Defense
SP '08 Proceedings of the 2008 IEEE Symposium on Security and Privacy
Expanding Malware Defense by Securing Software Installations
DIMVA '08 Proceedings of the 5th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
PinUP: Pinning User Files to Known Applications
ACSAC '08 Proceedings of the 2008 Annual Computer Security Applications Conference
Trojan horse resistant discretionary access control
Proceedings of the 14th ACM symposium on Access control models and technologies
Noninterference for a Practical DIFC-Based Operating System
SP '09 Proceedings of the 2009 30th IEEE Symposium on Security and Privacy
Implementing commercial data integrity with secure capabilities
SP'88 Proceedings of the 1988 IEEE conference on Security and privacy
Using mandatory integrity to enforce "commercial" security
SP'88 Proceedings of the 1988 IEEE conference on Security and privacy
A portable user-level approach for system-wide integrity protection
Proceedings of the 29th Annual Computer Security Applications Conference
| Hi-index | 0.00 |
Discretionary Access Control (DAC) is the primary access control mechanism in today’s major operating systems. It is, however, vulnerable to Trojan Horse attacks and attacks exploiting buggy software. We propose to combine the discretionary policy in DAC with the dynamic information flow techniques in MAC, therefore achieving the best of both worlds, that is, the DAC’s easy-to-use discretionary policy specification and MAC’s defense against threats caused by Trojan Horses and buggy programs. We propose the Information Flow Enhanced Discretionary Access Control (IFEDAC) model that implements this design philosophy. We describe our design of IFEDAC, and discuss its relationship with the Usable Mandatory Integrity Protection (UMIP) model proposed earlier by us. In addition, we analyze their security property and their relationships with other protection systems. We also describe our implementations of IFEDAC in Linux and the evaluation results and deployment experiences of the systems.