Usable Mandatory Integrity Protection for Operating Systems

Authors:
Ninghui Li;Ziqing Mao;Hong Chen
Affiliations:
Purdue University;Purdue University;Purdue University
Venue:
SP '07 Proceedings of the 2007 IEEE Symposium on Security and Privacy
Year:
2007

Citing 0
Cited 16

Application-level isolation and recovery with solitude

Proceedings of the 3rd ACM SIGOPS/EuroSys European Conference on Computer Systems 2008
Expanding Malware Defense by Securing Software Installations

DIMVA '08 Proceedings of the 5th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Reusability of Functionality-Based Application Confinement Policy Abstractions

ICICS '08 Proceedings of the 10th International Conference on Information and Communications Security
Verifying compliance of trusted programs

SS'08 Proceedings of the 17th conference on Security symposium
Trojan horse resistant discretionary access control

Proceedings of the 14th ACM symposium on Access control models and technologies
Johnny can drag and drop: determining user intent through traditional interactions to improve desktop security

Proceedings of the 4th Symposium on Computer Human Interaction for the Management of Information Technology
SEIP: simple and efficient integrity protection for open mobile platforms

ICICS'10 Proceedings of the 12th international conference on Information and communications security
Tracer: enforcing mandatory access control in commodity OS with the support of light-weight intrusion detection and tracing

Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
From a generic framework for expressing integrity properties to a dynamic MAC enforcement for operating systems

Transactions on computational science XI
SecGuard: secure and practical integrity protection model for operating systems

APWeb'11 Proceedings of the 13th Asia-Pacific web conference on Web technologies and applications
Safe side effects commitment for OS-level virtualization

Proceedings of the 8th ACM international conference on Autonomic computing
Combining Discretionary Policy with Mandatory Information Flow in Operating Systems

ACM Transactions on Information and System Security (TISSEC)
Identifying native applications with high assurance

Proceedings of the second ACM conference on Data and Application Security and Privacy
Verifying system integrity by proxy

TRUST'12 Proceedings of the 5th international conference on Trust and Trustworthy Computing
Transforming commodity security policies to enforce Clark-Wilson integrity

Proceedings of the 28th Annual Computer Security Applications Conference
A portable user-level approach for system-wide integrity protection

Proceedings of the 29th Annual Computer Security Applications Conference

Quantified Score

Hi-index	0.00

Visualization

Abstract

Existing mandatory access control systems for operating systems are difficult to use. We identify several principles for designing usable access control systems and introduce the Usable Mandatory Integrity Protection (UMIP) model that adds usable mandatory access control to operating systems. The UMIP model is designed to preserve system integrity in the face of network-based attacks. The usability goals for UMIP are twofold. First, configuring a UMIP system should not be more difficult than installing and configuring an operating system. Second, existing applications and common usage practices can still be used under UMIP. UMIP has several novel features to achieve these goals. For example, it introduces several concepts for expressing partial trust in programs. Furthermore, it leverages information in the existing discretionary access control mechanism to derive file labels for mandatory integrity protection. We also discuss our implementation of the UMIP model for Linux using the Linux Security Modules framework, and show that it is simple to configure, has low overhead, and effectively defends against a number of network-based attacks.