Operating System Support for Process Confinement

机译：操作系统支持过程限制

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

Execution of untrusted software can compromise a whole system. Tools for restricting access of software to system resources are essential for security maintenance. Operating systems should offer functionality for building tools which could run in user mode with no special privileges while providing full access control. Thus, they could be made available to any user in the system. In this paper we show ways of extending an operating system in order to provide such functionality. We present the changes introduced in the Linux kernel to offer the minimum functionality necessary for building such a tool. Using the new functionality we were able to code a program for controlling execution of untrusted software through system call interposition.

机译：执行不可信的软件可以危及整个系统。用于限制软件访问到系统资源的工具对于安全维护至关重要。操作系统应为构建工具提供功能，该工具可以在用户模式下运行，而无需特殊权限，同时提供完全访问控制。因此，它们可以在系统中的任何用户提供。在本文中，我们展示了扩展操作系统以提供此类功能的方式。我们介绍了Linux内核中引入的更改，以提供构建此类工具所需的最小功能。使用新功能，我们能够通过系统调用插入编码用于控制不可信软件的执行程序。

著录项

来源
《International conference on information and knowledge engineering》|2003年||共5页
会议地点
作者
Jose R. Herrero; David Benlliure;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类安全保密;
关键词
process confinement; system call interposition; user mode monitor;

机译：过程限制;系统调用插入;用户模式监视器;

相似文献

外文文献
中文文献
专利

1. Image Processing Flow on a Supporting System with Finger Camera for Visually Impaired People Operating Capacitive Touchscreen [J] . Akira Yamawaki, Seiichi Senkawa IAENG Internaitonal journal of computer science . 2013,第2期

机译：带有手指相机的视力障碍者操作电容式触摸屏的支持系统上的图像处理流程
2. Chameleon: Operating System Support for Dynamic Processors [J] . Sankaralingam Panneerselvam, Michael M. Swift Computer architecture news . 2012,第1期

机译：Chameleon：动态处理器的操作系统支持
3. Chameleon: Operating System Support for Dynamic Processors [J] . Sankaralingam Panneerselvam, Michael M. Swift ACM SIGPLAN Notices: A Monthly Publication of the Special Interest Group on Programming Languages . 2012,第4期

机译：Chameleon：动态处理器的操作系统支持
4. Operating System Support for Process Confinement [C] . Jose R. Herrero, David Benlliure Proceedings of the International Conference on Security and Management(SAM'03) . 2003

机译：操作系统对流程限制的支持
5. Processor-level integration of the architectural support for monitoring and securing the operating system kernel. [D] . Kathapurkar, Ameya Hemant. 2016

机译：架构支持的处理器级别集成，用于监视和保护操作系统内核。
6. Process Management in IoT Operating Systems: Cross-Influence between Processing and Communication Tasks in End-Devices [O] . Roberto Rodriguez-Zurrunero, Ramiro Utrilla, Alba Rozas, 2019

机译：物联网操作系统中的流程管理：终端设备中处理和通信任务之间的交叉影响
7. An Architecture for Modular On-Line Analytical Processing Systems: Supporting Distributed and Parallel Query Processing Using Co-operating CORBA Objects [O] . Andreas Rauber And, On-line Analytical Processing 1999

机译：模块化在线分析处理系统的体系结构：支持使用协作CORBa对象的分布式并行查询处理
8. Validation of the Data Sources and Processes of the VAMOSC (Visibility and Management of Operating and Support Costs) II Component Support Cost System (D160B) [R] . Einhorn, S. J. 1984

机译：验证VamOsC的数据源和流程（运营和支持成本的可见性和管理）II组件支持成本系统（D160B）

Operating System Support for Process Confinement

摘要

著录项

相似文献

相关主题

期刊订阅