A graphical definition of authorization schema in the DTAC model
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Remus: a security-enhanced operating system
ACM Transactions on Information and System Security (TISSEC)
Interfacing Trusted Applications with Intrusion Detection Systems
RAID '00 Proceedings of the 4th International Symposium on Recent Advances in Intrusion Detection
Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference
Integrating Flexible Support for Security Policies into the Linux Operating System
Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference
Linux Security Modules: General Security Support for the Linux Kernel
Proceedings of the 11th USENIX Security Symposium
Enforcing Mandatory Integrity Protection in Operating System
ICCNMC '01 Proceedings of the 2001 International Conference on Computer Networks and Mobile Computing (ICCNMC'01)
Dynamic label binding at run-time
Proceedings of the 2003 workshop on New security paradigms
Resolving constraint conflicts
Proceedings of the ninth ACM symposium on Access control models and technologies
Attestation-based policy enforcement for remote access
Proceedings of the 11th ACM conference on Computer and communications security
Minos: Control Data Attack Prevention Orthogonal to Memory Model
Proceedings of the 37th annual IEEE/ACM International Symposium on Microarchitecture
A security assessment of the minos architecture
ACM SIGARCH Computer Architecture News - Special issue: Workshop on architectural support for security and anti-virus (WASSA)
Labels and event processes in the asbestos operating system
Proceedings of the twentieth ACM symposium on Operating systems principles
PRIMA: policy-reduced integrity measurement architecture
Proceedings of the eleventh ACM symposium on Access control models and technologies
Systematic control and management of data integrity
Proceedings of the eleventh ACM symposium on Access control models and technologies
Minos: Architectural support for protecting control data
ACM Transactions on Architecture and Code Optimization (TACO)
Analyzing integrity protection in the SELinux example policy
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Copilot - a coprocessor-based kernel runtime integrity monitor
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Towards a VMM-based usage control framework for OS kernel integrity protection
Proceedings of the 12th ACM symposium on Access control models and technologies
Information flow control for standard OS abstractions
Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles
Making information flow explicit in HiStar
OSDI '06 Proceedings of the 7th symposium on Operating systems design and implementation
Labels and event processes in the Asbestos operating system
ACM Transactions on Computer Systems (TOCS)
Exploiting concurrency vulnerabilities in system call wrappers
WOOT '07 Proceedings of the first USENIX workshop on Offensive Technologies
Measuring integrity on mobile phone systems
Proceedings of the 13th ACM symposium on Access control models and technologies
Trojan horse resistant discretionary access control
Proceedings of the 14th ACM symposium on Access control models and technologies
Towards System Integrity Protection with Graph-Based Policy Analysis
Proceedings of the 23rd Annual IFIP WG 11.3 Working Conference on Data and Applications Security XXIII
Trusted computing and open source
Information Security Tech. Report
An OS security protection model for defeating attacks from network
ICISS'07 Proceedings of the 3rd international conference on Information systems security
DR@FT: efficient remote attestation framework for dynamic systems
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
SecGuard: secure and practical integrity protection model for operating systems
APWeb'11 Proceedings of the 13th Asia-Pacific web conference on Web technologies and applications
Making information flow explicit in HiStar
Communications of the ACM
Permission re-delegation: attacks and defenses
SEC'11 Proceedings of the 20th USENIX conference on Security
Combining Discretionary Policy with Mandatory Information Flow in Operating Systems
ACM Transactions on Information and System Security (TISSEC)
A security architecture for adapting multiple access control models to operating systems
ICCSA'06 Proceedings of the 2006 international conference on Computational Science and Its Applications - Volume Part V
Achieving fault tolerance by a formally validated interaction policy
Rigorous Development of Complex Fault-Tolerant Systems
An implementation study of a ghost drive: hidden file store in a filesystem
Proceedings of the 27th Annual ACM Symposium on Applied Computing
Efficient user-space information flow control
Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security
A portable user-level approach for system-wide integrity protection
Proceedings of the 29th Annual Computer Security Applications Conference
| Hi-index | 0.02 |
We hypothesize that a form of kernel-resident access-control-based integrity protection can gain widespread acceptance in Commercial Off-The-Shelf (COTS) environments if it couples some useful protection with a high degree of compatibility with existing software, configurations, and practices. To test this hypothesis, we have developed a highly compatible free open-source prototype called LOMAC, and released it on the Internet. LOMAC is a dynamically loadable extension for COTS Linux kernels that provide integrity protection based on Low Water-Mark access control. We present a classification of existing access control models with regard to compatibility, concluding that models similar to Low Water-Mark are especially well suited to high-compatibility solutions. We also describe our practical strategies for dealing with the pathological cases in the Low Water-Mark model's behavior, which include a small extension of the model, and an unusual application of its concepts.