| | |
| | |
Stat |
Members: 3667 Articles: 2'599'751 Articles rated: 2609
07 February 2025 |
|
| | | |
|
Article overview
| |
|
Suspicious-Taint-Based Access Control for Protecting OS from Network Attacks | Zhiyong Shan
; | Date: |
1 Sep 2016 | Abstract: | Today, security threats to operating systems largely come from network.
Traditional discretionary access control mechanism alone can hardly defeat
them. Although traditional mandatory access control models can effectively
protect the security of OS, they have problems of being incompatible with
application software and complex in administration. In this paper, we propose a
new model, Suspicious-Taint-Based Access Control (STBAC) model, for defeating
network attacks while being compatible, simple and maintaining good system
performance. STBAC regards the processes using Non-Trustable-Communications as
the starting points of suspicious taint, traces the activities of the
suspiciously tainted processes by taint rules, and forbids the suspiciously
tainted processes to illegally access vital resources by protection rules. Even
in the cases when some privileged processes are subverted, STBAC can still
protect vital resources from being compromised by the intruder. We implemented
the model in the Linux kernel and evaluated it through experiments. The
evaluation showed that STBAC could protect vital resources effectively without
significant impact on compatibility and performance. | Source: | arXiv, 1609.0100 | Services: | Forum | Review | PDF | Favorites |
|
|
No review found.
Did you like this article?
Note: answers to reviews or questions about the article must be posted in the forum section.
Authors are not allowed to review their own article. They can use the forum section.
|
| |
|
|
|