Skip to main content
SpringerLink
Log in

Security Testing for Operating System and Its System Calls

  • Conference paper
Book cover Security Technology (SecTech 2009)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 58))

Included in the following conference series:

  • 870 Accesses

Abstract

It is very important but quite difficult to test the security of an operating system. In this paper, some essential problems about security testing of an operating system are discussed, including conception and extension of security testing, feasibility and technical scheme for automated security testing of an operating system, security of system calls, testing sequence for system calls, and etc. Thereafter, a prototype system (i.e. a series of testing tools) for automated security testing of system calls is designed and implemented based on Fedora 9 and Linux kernel 2.6.25-14.fc9.i686, which is made up of control module, objects setup module, standard test module, special test module and test configuration database for each system call. Furthermore, test cases as well as test results for systems calls such as creat, access and etc are discussed and analyzed. Finally, the research work in this paper is summarized while further research directions are pointed out.

The research presented in this paper was performed with the support of Beijing Jiaotong University Grants for 2005SM016.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Zhai, G., Li, Y.: Analysis and Study of Security Mechanisms inside Linux Kernel. In: Proceedings of 2008 International Conference on Security Technology (SECTECH 2008), pp. 58–61. IEEE Computer Society, Los Alamitos (2008)

    Chapter  Google Scholar 

  2. Zhai, G., Zeng, J., Ma, M., Zhang, L.: Implementation and Automatic Testing for Security Enhancement of Linux Based on Least Privilege. In: Proceedings of the 2nd International Conference on Information Security and Assurance (ISA 2008), pp. 181–186. IEEE Computer Society, Los Alamitos (2008)

    Chapter  Google Scholar 

  3. Trusted Computer Systems Evaluation Criteria, US DoD 5200.28-STD (1985)

    Google Scholar 

  4. Common Criteria for Information Technology Security Evaluation. Version 2.2 (2008)

    Google Scholar 

  5. Myers, G.J., Badgett, T., Thomas, T.M., Sandler, C.: The Art of Software Testing, 2nd edn. John Wiley & Sons Inc., New Jersey (2004)

    Google Scholar 

  6. Mosley, D.J., Posey, B.A.: Just Enough Software Test Automation, 2nd edn. Pearson Education Inc., New Jersey (2002)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Computer and Information Technology, Beijing Jiaotong University, Shang Yuan Cun 3#, Hai Dian District, Beijing, 100044, China

    Gaoshou Zhai, Hanhui Niu, Na Yang, Minli Tian, Chengyu Liu & Hengsheng Yang

Authors
  1. Gaoshou Zhai
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Hanhui Niu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Na Yang
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Minli Tian
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Chengyu Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Hengsheng Yang
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. University of Warsaw & Infobright Inc.,, Poland

    Dominik Ślęzak

  2. Hannam University, 306-791, Daejeon, South Korea

    Tai-hoon Kim

  3. National Chiao Tung University, Hsinchu, Taiwan

    Wai-Chi Fang

  4. Mississippi State University, Mississippi State MS, USA

    Kirk P. Arnett

Rights and permissions

Reprints and permissions

Copyright information

© 2009 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Zhai, G., Niu, H., Yang, N., Tian, M., Liu, C., Yang, H. (2009). Security Testing for Operating System and Its System Calls. In: Ślęzak, D., Kim, Th., Fang, WC., Arnett, K.P. (eds) Security Technology. SecTech 2009. Communications in Computer and Information Science, vol 58. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-10847-1_15

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-10847-1_15

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-10846-4

  • Online ISBN: 978-3-642-10847-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation