Design and implementation of an extended reference monitor for trusted operating systems

Authors:
Hyung Chan Kim;Wook Shin;R. S. Ramakrishna;Kouichi Sakurai
Affiliations:
Department of Information and Communications, Gwangju Institute of Science and Technology, Gwangju, Rep. of Korea;Department of Computer Science, University of Illinois at Urbana-Champaign, IL;Department of Information and Communications, Gwangju Institute of Science and Technology, Gwangju, Rep. of Korea;Faculty of Computer Science and Communication Engineering, Kyushu University, Fukuoka, Japan
Venue:
ISPEC'06 Proceedings of the Second international conference on Information Security Practice and Experience
Year:
2006

Citing 11
Cited 1

Fundamentals of computer security technology

Fundamentals of computer security technology
Role-Based Access Control Models

Computer
SASI enforcement of security policies: a retrospective

Proceedings of the 1999 workshop on New security paradigms
Enforceable security policies

ACM Transactions on Information and System Security (TISSEC)
Remus: a security-enhanced operating system

ACM Transactions on Information and System Security (TISSEC)
Integrating Flexible Support for Security Policies into the Linux Operating System

Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference
On Preventing Intrusions by Process Behavior Monitoring

Proceedings of the Workshop on Intrusion Detection and Network Monitoring
BlueBoX: A policy-driven, host-based intrusion detection system

ACM Transactions on Information and System Security (TISSEC)
Developing Dynamic Security Policies

DANCE '02 Proceedings of the 2002 DARPA Active Networks Conference and Exposition
Extended Role Based Access Control with Procedural Constraints for Trusted Operating Systems

IEICE - Transactions on Information and Systems
The flask security architecture: system support for diverse security policies

SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8

Enforcement of integrated security policy in trusted operating systems

IWSEC'07 Proceedings of the Security 2nd international conference on Advances in information and computer security

Quantified Score

Hi-index	0.00

Visualization

Abstract

Conventional access control schemes have supported confidentiality and integrity acknowledging the necessary organizational security policy in operating systems. However, many runtime attacks in operating systems involve behavioral semantics, indicating that attacks should be seen as a sequence of access operations. Ironically these attacks are legitimate under any access control policy. This is due to the lack of behavioral dimension in security enforcement. We propose an extended reference monitor to include this dimension. Our method is based on safety property specification on system call sequences. The reference monitor checks the trace at runtime for behavior control in Linux operating system.