|
Abstract:
|
"Host compromise is one of the most serious security problems for
operating systems today. Existing integrity protection models for
operating systems are difficult to use; on the other hand, the most
available integrity protection models only provide heuristic
approaches without strong guarantees.
This paper presents SecGuard, a secure and high-available integrity
protection model for operating systems. To ensure the security of
systems, SecGuard provides formal guarantees that operating systems
are security under three threats: network-based threat, IPC
communication threat, and contaminative file threat. On the other
hand, we introduce some novel mechanisms to ensure high-available
of the model. For instance, SecGuard leverages the information of
the existing discretionary access control mechanism to initialize
integrity labels for subjects and objects in the systems. Moreover,
we describe the implementation of SecGuard for Linux using Linux
Security Modules framework, and show it has low overhead and
effectively achieve security and high-availability for operating
systems."
|