首页> 外文会议>Parallel and Distributed Computing and Networks >IMPLEMENTING A SECURE SETUID PROGRAM

【24h】

IMPLEMENTING A SECURE SETUID PROGRAM

机译：实施安全的固定程序

获取原文

获取原文并翻译 | 示例

页面导航

摘要
著录项
相似文献
相关主题

摘要

Setuid programs are often exploited by malicious attackers to obtain unauthorized access to local systems. Setuid programs, especially owned by the root user, are granted root privileges, allowing attackers to gain root privileges by exploiting vulnerabilities in the setuid-root programs. The vulnerabilities usually lie in code that does not require root privileges. Nevertheless, the entire code of setuid-root programs is granted root privileges. This paper presents a scheme called privileged code minimization that reduces the risk to setuid programs. In this scheme, setuid-root programs are divided into privileged code and non-privileged code. Privileged code is granted root privileges, while non-privileged code is not. This scheme reduces the size of trusted computing base (TCB) because it reduces the code running with root privileges, reducing the chances of attackers gaining root privileges by subverting setuid programs. Protection between privileged code and non-privileged code are enforced by fine-grained protection domains: a novel protection mechainsm of the operating system proposed by the authors.

机译：恶意攻击者经常利用Setuid程序来获得对本地系统的未授权访问。 Setuid程序（尤其是root用户拥有的setuid程序）被授予root特权，从而使攻击者可以利用setuid-root程序中的漏洞获得root特权。漏洞通常位于不需要root特权的代码中。尽管如此，setuid-root程序的整个代码仍被授予root特权。本文提出了一种称为特权代码最小化的方案，可以减少setuid程序的风险。在此方案中，setuid-root程序分为特权代码和非特权代码。特权代码被授予root特权，而非特权代码则未被授予root特权。此方案减少了可信计算库（TCB）的大小，因为它减少了以root特权运行的代码，从而减少了攻击者通过破坏setuid程序获得root特权的机会。特权代码和非特权代码之间的保护是由细粒度的保护域来实施的：作者提出的一种新颖的操作系统保护机制。

著录项

来源
《Parallel and Distributed Computing and Networks 》|2004年|P.301-309|共9页
会议地点 Innsbruck(AT);Innsbruck(AT)
作者
Takahiro Shinagawa; Kenji Kono;
展开▼
作者单位

Dept. of Computer, Infomation and Communication Sciences Tokyo University of Agriculture and Technology 2-24-16 Naka-cho, Koganei-shi, Tokyo 184-8588, Japan;

展开▼
会议组织
原文格式 PDF
正文语种 eng
中图分类计算机的应用 ;
关键词
security; operating system; fine-grained protection domain;

机译：安全;操作系统;细粒度保护域;

相似文献

外文文献
中文文献
专利

1. Design and Implementation of Secure Building Monitoring System using Programmable Wireless Mobile Camera [J] . Baidaa A. Atya, Abdul Monem S. Rahma, Abdul Mohssen J. Abdul Hossen International Journal of Computer Network and Information Security . 2017 ,第3期

机译：可编程无线移动摄像机的安全建筑监控系统的设计与实现
2. A formal approach to derive an aspect oriented programming-based implementation of a secure access control filter [J] . Mammar Amel, Nguyen Thi Mai, Laleau Regine Information and software technology . 2017 ,第deca期

机译：一种正式的方法来派生基于方面的基于编程的安全访问控制过滤器
3. An Energy Efficient Programmable Hardware Implementation of the Secure Hash 384 and 512 Algorithms [J] . SYED MOHSIN REZA ZAIDI, M HASAN IETE Journal of Research . 2007 ,第5期

机译：安全哈希384和512算法的节能高效可编程硬件实现
4. IMPLEMENTING A SECURE SETUID PROGRAM [C] . Takahiro Shinagawa, Kenji Kono IASTED International Multi-conference on Applied Informatics . 2004

机译：实现一个安全的setuid程序
5. Insecure attachment and parenting: A model therapeutic program for the treatment of insecurely attached adults. [D] . Ruffo, Emily Anne. 2007

机译：不安全依恋和养育子女：一个模型，用于治疗不安全依恋的成年人。
6. Realist Process Evaluation of the implementation and impact of an organisational cultural transformation programme in the Children and Young Peoples Secure Estate (CYPSE) in England: study protocol [O] . Sophie DSouza, Rebecca Lane, Jenna Jacob, 2021

机译：在英国儿童和青少年安全遗产（Cypsse）中组织文化转型计划的实施和影响的现实主义进程评估：研究方案
7. ABSTRACT Various body parts or organs can be analysed to identify the different diseases in the human body. Fingernail analysis is one of the ways to identify disease in the human body. Nails are the body part which are farthest from the heart and therefore receive oxygen at last. As a result the nails are the first who show the symptoms of a disease in the human body. Fingernails can be easily captured for diagnosis and there are no heavy equipment or no specific conditions required to use nail image for disease diagnosis, like in other tests and scanning processes. Human nails deliver beneficial information about complaints or any nutritive imbalances in the human body depending upon their shape, texture and colour. In human beings, numerous systemic and skin diseases can be easily analyzed through careful examination of nails of both the limbs. A lot of nail illnesses have been found to be primary signs of numerous underlying systemic illnesses. The colour, texture or shape changes in nails are signs of many diseases mainly affecting nails. Considering all these properties of nails a system is proposed that uses digital image processing (DIP) methods for identifying such changes in the human nail to get more precise results and predict numerous diseases effortlessly. With the emerging Internet of Things (IOT) concept the generated report is made available remotely, this will help users to reduce transportation efforts. As the system has to deal with large and private data, the security of data must be ensured. To keep the data confidential, the Blockchain concept which is one of the most emerging concepts in the field of data management is used. The paper contains the implementation of the digital image processing for feature extraction of nail images, usage of IOT (ThingSpeak cloud) for data storage and implementation of Blockchain to keep the system secured and theft free. KEY WORDS: Int ernet of thin gs (IOT), Image proc essin g, Thin gSpeak, RG B vavalues, Mean pi xel vavalues, Bloc kchain , Hash key. Disease Diagnostic System: Abnormalities in Human Nail [O] . Pranav S. Wazarkar 2020

机译：摘要的各个身体部位或器官可被分析以识别在人体内的不同的疾病。指甲分析来识别人体疾病的方法之一。指甲是身体一部分是离心脏最远，因此在最后接受氧气。作为结果，指甲是第一谁表现出人体疾病的症状。指甲可以容易地捕获用于诊断和没有重装或需要使用指甲图像用于疾病诊断，比如在其他测试和扫描过程没有特定的条件。人的指甲提供有关投诉或取决于它们的形状，纹理和色彩在人体内的任何营养失衡有益的信息。在人类中，许多全身性皮肤疾病是可以很容易地通过两个四肢指甲的仔细检查分析。很多指甲病已发现众多潜在系统性疾病的主要症状。在指甲的颜色，质地和形状的变化是许多疾病主要影响指甲的迹象。考虑到所有的指甲的这些性能的系统被提出，用于识别人指甲这样的变化以获得更精确的结果，并毫不费力预测许多疾病用途的数字图像处理（DIP）方法。随着物联网（IOT）的概念，新兴的互联网将生成的报告提供远程，这将帮助用户降低运输工作。由于系统必须处理大量的私人数据，数据的安全性必须得到保证。为了保持数据的机密性，使用Blockchain的概念，它是在数据管理领域的大多数新兴的概念之一。本文包含了数字图像处理的指甲图像，IOT（ThingSpeak云）的使用为数据存储和执行Blockchain的特征提取的执行，以保持固定的系统和盗窃免费。关键词：诠释薄GS（IOT），图像的ERNET PROC essin克，薄型gSpeak，RG乙vavalues，平均数PI XEL vavalues，阵营kchain，哈希密钥。疾病诊断系统：在人类指甲异常

IMPLEMENTING A SECURE SETUID PROGRAM

摘要

著录项

相似文献

相关主题

期刊订阅