Application security support in the operating system kernel
Source: ASIAN ACM Symposium on Information, Computer and Communications Security
Proceedings of the 2006 ACM Symposium on Information, Computer and Communications Security
Taipei, Taiwan
Session: Software security
Pages: 201-211
Year of Publication: 2006
ISBN: 1-59593-272-0
Authors
Manigandan Radhakrishnan  University of Illinois at Chicago, SEO, Chicago IL
Jon A. Solworth  University of Illinois at Chicago, SEO, Chicago IL
Sponsor
SIGSAC: ACM Special Interest Group on Security, Audit, and Control
Publisher
ACM  New York, NY, USA
DOI: 10.1145/1128817.1128848 (http://doi.acm.org/10.1145/1128817.1128848)
ABSTRACT

Application security is typically coded in the application. In kernelSec, we are investigating mechanisms to implement application security in an operating system kernel. The mechanisms are oriented towards providing authorization properties, and this goal drives the design of permissions and protection mechanisms.

The resulting system is dynamic, allowing the set of permissions for a program to evolve during program execution. This reduces the need for users and applications to be aware of the protection mechanism, since the protection mechanism gives the user more freedom in how they do things. We explore these properties through a number of examples.

KernelSec also supports a group (role) mechanism which can define constrained groups: groups which only grow, only shrink, are constant, are mutually exclusive with other groups, and which allow inheritance. Moreover, groups are used to regulate group membership and allow group administration by non-privileged users.
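The constrained-group semantics the abstract lists (grow-only, shrink-only and constant groups, mutual exclusion, inheritance, and administration of one group by the members of another) can be modelled as invariants checked on every membership change. The following is an added illustration written for this page, not kernelSec's code and not taken from the paper; the class names (Kind, Group, GroupStore), the rule that a group's admin group is the set of users allowed to change it, and the inheritance direction (a member of a group is an effective member of each of its parents, as in an RBAC hierarchy) are assumptions of the example, and the users and group names in build_example are invented.

```python
from dataclasses import dataclass, field
from enum import Enum, auto
from typing import Optional

class Kind(Enum):
    FREE = auto()         # members may be added and removed
    GROW_ONLY = auto()    # members may only be added
    SHRINK_ONLY = auto()  # members may only be removed
    CONSTANT = auto()     # membership fixed at creation

class PolicyError(Exception):
    """Operation would violate a group constraint or its administration rule."""

@dataclass
class Group:
    name: str
    kind: Kind
    members: set = field(default_factory=set)
    admin: Optional[str] = None   # assumed rule: members of 'admin' may change this group
    # assumed inheritance direction: a member of this group is also an effective
    # member of every group in 'parents' (an RBAC-style hierarchy)
    parents: set = field(default_factory=set)
    excludes: set = field(default_factory=set)  # mutually exclusive groups

class GroupStore:
    def __init__(self):
        self.groups = {}

    def create(self, name, kind, members=(), admin=None, parents=(), excludes=()):
        if kind is not Kind.CONSTANT and admin is None:
            raise PolicyError(f"{name} can change, so it needs an admin group")
        g = Group(name, kind, set(members), admin, set(parents), set(excludes))
        for user in g.members:
            self._check_exclusion(g, user)  # validate before the group becomes visible
        self.groups[name] = g
        for other in excludes:
            self.groups[other].excludes.add(name)  # exclusion is symmetric
        return g

    def _ancestors(self, parents):
        seen, stack = set(), list(parents)
        while stack:
            p = stack.pop()
            if p not in seen:
                seen.add(p)
                stack.extend(self.groups[p].parents)
        return seen

    def is_member(self, user, name):
        """Effective membership: direct, or inherited from a descendant group."""
        return user in self.groups[name].members or any(
            self.is_member(user, c) for c, g in self.groups.items() if name in g.parents)

    def _check_exclusion(self, g, user):
        # joining g also joins g's ancestors, so their exclusions apply as well
        for grp in [g, *(self.groups[a] for a in self._ancestors(g.parents))]:
            for other in grp.excludes:
                if self.is_member(user, other):
                    raise PolicyError(f"{user} is in {other}, which excludes {grp.name}")

    def _authorize(self, actor, g):
        if g.admin is None or not self.is_member(actor, g.admin):
            raise PolicyError(f"{actor} may not administer {g.name}")

    def add_member(self, actor, name, user):
        g = self.groups[name]
        if g.kind in (Kind.SHRINK_ONLY, Kind.CONSTANT):
            raise PolicyError(f"{name} is {g.kind.name}: cannot add members")
        self._authorize(actor, g)
        self._check_exclusion(g, user)
        g.members.add(user)

    def remove_member(self, actor, name, user):
        g = self.groups[name]
        if g.kind in (Kind.GROW_ONLY, Kind.CONSTANT):
            raise PolicyError(f"{name} is {g.kind.name}: cannot remove members")
        self._authorize(actor, g)
        g.members.discard(user)

def permitted(op, *args):
    """True if the policy allows the operation, False if it raises PolicyError."""
    try:
        op(*args)
    except PolicyError:
        return False
    return True

def build_example():
    """Constructed example policy; users and group names are invented."""
    s = GroupStore()
    s.create("root", Kind.CONSTANT, members={"alice"})    # fixed, no admin group
    s.create("staff", Kind.GROW_ONLY, admin="root")       # only ever grows
    s.create("developers", Kind.FREE, admin="staff")      # staff administer it
    s.create("auditors", Kind.FREE, admin="root", excludes={"developers"})
    s.create("release", Kind.FREE, admin="staff", parents={"developers"})
    s.add_member("alice", "staff", "bob")                 # bob, not root, is needed below
    s.add_member("bob", "developers", "carol")            # non-privileged administration
    s.add_member("alice", "auditors", "dave")
    return s
```

With this policy, bob (a staff member, not a superuser) can add developers, a release member is automatically a developer and so can never also be an auditor, nobody can remove anyone from the grow-only staff group, and the constant root group cannot be changed at all. The exclusion check walks the ancestors of the target group because inheritance would otherwise let a user reach an excluded group indirectly.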

