Sciweavers

APWEB
2011
Springer

SecGuard: Secure and Practical Integrity Protection Model for Operating Systems

13 years 4 months ago
SecGuard: Secure and Practical Integrity Protection Model for Operating Systems
Host compromise is a serious security problem for operating systems. Most previous solutions based on integrity protection models are difficult to use; on the other hand, usable integrity protection models can only provide limited protection. This paper presents SecGuard, a secure and practical integrity protection model. To ensure the security of systems, SecGuard provides provable guarantees for operating systems to defend against three categories of threats: network-based threat, IPC communication threat and contaminative file threat. To ensure practicability, SecGuard introduces several novel techniques. For example, SecGuard leverages the information of existing discretionary access control information to initialize integrity labels for subjects and objects in the system. We developed the prototype system of SecGuard based on Linux Security Modules framework (LSM), and evaluated the security and practicability of SecGuard.
Ennan Zhai, Qingni Shen, Yonggang Wang, Tao Yang,
Added 24 Aug 2011
Updated 24 Aug 2011
Type Journal
Year 2011
Where APWEB
Authors Ennan Zhai, Qingni Shen, Yonggang Wang, Tao Yang, Liping Ding, Sihan Qing
Comments (0)