• 主题
高级搜索  >
历史搜索 清空历史
首页> 外文会议>Web technologies and applications >SecGuard: Secure and Practical Integrity Protection Model for Operating Systems
【24h】

SecGuard: Secure and Practical Integrity Protection Model for Operating Systems

机译:SecGuard:操作系统的安全实用的完整性保护模型

获取原文
获取原文并翻译 | 示例
页面导航
  • 摘要
  • 著录项
  • 相似文献
  • 相关主题

摘要

Host compromise is a serious security problem for operating systems. Most previous solutions based on integrity protection models are difficult to use; on the other hand, usable integrity protection models can only provide limited protection. This paper presents SecGuard, a secure and practical integrity protection model. To ensure the security of systems, SecGuard provides provable guarantees for operating systems to defend against three categories of threats: network-based threat, IPC communication threat and contaminative file threat. To ensure practicability, SecGuard introduces several novel techniques. For example, SecGuard leverages the information of existing discretionary access control information to initialize integrity labels for subjects and objects in the system. We developed the prototype system of SecGuard based on Linux Security Modules framework (LSM), and evaluated the security and practicability of SecGuard.
机译:主机损害是操作系统的严重安全问题。以前基于完整性保护模型的大多数解决方案都很难使用。另一方面,可用的完整性保护模型只能提供有限的保护。本文介绍了SecGuard,这是一种安全实用的完整性保护模型。为了确保系统的安全性,SecGuard为操作系统提供了可证明的保证,可以防御三类威胁:基于网络的威胁,IPC通信威胁和污染性文件威胁。为了确保实用性,SecGuard引入了几种新颖的技术。例如,SecGuard利用现有的自由访问控制信息来初始化系统中主题和对象的完整性标签。我们基于Linux安全模块框架(LSM)开发了SecGuard的原型系统,并评估了SecGuard的安全性和实用性。

著录项

  • 来源
    《Web technologies and applications》|2011年|p.370-375|共6页
  • 会议地点 Beijing(CN);Beijing(CN)
  • 作者

    Ennan Zhai; Qingni Shen; Yonggang Wang; Tao Yang; Liping Ding; Sihan Qing;

  • 作者单位

    School of Software and Microelectronics, Peking University, China,Institute of Software, Chinese Academy of Sciences, China;

    School of Software and Microelectronics, Peking University, China,MoE Key Lab of Network and Software Assurance, Peking University, China,Network Information Security Lab, Institute of Software, Peking University, China;

    MoE Key Lab of Network and Software Assurance, Peking University, China,Network Information Security Lab, Institute of Software, Peking University, China;

    MoE Key Lab of Network and Software Assurance, Peking University, China,Network Information Security Lab, Institute of Software, Peking University, China;

    Institute of Software, Chinese Academy of Sciences, China;

    School of Software and Microelectronics, Peking University, China,Institute of Software, Chinese Academy of Sciences, China;

  • 会议组织
  • 原文格式 PDF
  • 正文语种 eng
  • 中图分类 计算机网络;
  • 关键词

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有

  • 客服微信

  • 服务号