Abstract
Security threats to operating systems today come largely from the network. Traditional discretionary access control mechanisms alone can hardly defeat them. Although traditional mandatory access control models can effectively protect the security of an OS, they suffer from application incompatibility and administration complexity. In this paper, we propose a new model, the Suspicious-Taint-Based Access Control (STBAC) model, for defeating network attacks while maintaining good compatibility, simplicity and system performance. STBAC regards processes using Non-Trustable-Communications as starting points of suspicious taint, traces the activities of suspiciously tainted processes by taint rules, and forbids suspiciously tainted processes from illegally accessing vital resources by protection rules. Even when some privileged processes are subverted, STBAC can still protect vital resources from being compromised by the intruder. We implemented the model in the Linux kernel and evaluated it through experiments. The evaluation showed that STBAC could protect vital resources effectively without significant impact on compatibility and performance.
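The following user-space sketch is an added illustration, not code from the paper or its Linux kernel implementation. The abstract does not enumerate the taint and protection rules, so the three rules coded here (taint inherited on fork, taint carried through files written by tainted processes, tainted writes to vital resources denied), the `Monitor` API, and all paths and addresses are assumptions chosen to show the idea.

```python
# Toy reference monitor in the spirit of STBAC (added illustration, not the paper's code).
# The concrete rules below are assumptions; the abstract does not enumerate them.
from dataclasses import dataclass, field

@dataclass
class Process:
    name: str
    tainted: bool = False

@dataclass
class Monitor:
    vital: set                                   # paths treated as vital resources (assumed)
    trusted_peers: set                           # peers whose traffic is trustable (assumed)
    tainted_files: set = field(default_factory=set)
    log: list = field(default_factory=list)

    def communicate(self, proc, peer):
        # Starting point: a non-trustable communication taints the process.
        if peer not in self.trusted_peers:
            proc.tainted = True

    def fork(self, parent, name):
        # Assumed taint rule: a child inherits its parent's taint.
        return Process(name, parent.tainted)

    def read(self, proc, path):
        # Assumed taint rule: reading a file written by a tainted process taints the reader.
        if path in self.tainted_files:
            proc.tainted = True

    def write(self, proc, path):
        # Assumed protection rule: a tainted process may not modify a vital
        # resource, whatever privilege it runs with.
        if proc.tainted and path in self.vital:
            self.log.append(("DENY", proc.name, path))
            return False
        if proc.tainted:
            self.tainted_files.add(path)         # taint follows the data
        return True

def demo():
    # Constructed scenario: a privileged daemon is subverted over the network.
    m = Monitor(vital={"/etc/shadow", "/bin/login"}, trusted_peers={"10.0.0.5"})
    httpd = Process("httpd")
    m.communicate(httpd, "203.0.113.9")          # untrusted remote peer
    shell = m.fork(httpd, "sh")                  # child spawned after subversion
    results = [m.write(shell, "/etc/shadow"), m.write(shell, "/tmp/dropper")]
    cron = Process("cron")
    m.read(cron, "/tmp/dropper")                 # second-hand taint via the file
    results.append(m.write(cron, "/bin/login"))
    admin = Process("admin-shell")               # never touched untrusted input
    results.append(m.write(admin, "/etc/shadow"))
    return results, m.log
```

The untainted administrator shell can still update `/etc/shadow`, which is the compatibility property the abstract claims: only processes reachable from a non-trustable communication lose access to vital resources.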
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Shan, Z., Wang, Q., Meng, X. (2007). An OS Security Protection Model for Defeating Attacks from Network. In: McDaniel, P., Gupta, S.K. (eds) Information Systems Security. ICISS 2007. Lecture Notes in Computer Science, vol 4812. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-77086-2_3
DOI: https://doi.org/10.1007/978-3-540-77086-2_3
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-77085-5
Online ISBN: 978-3-540-77086-2
eBook Packages: Computer Science, Computer Science (R0)