Design and implementation of an extended reference monitor for trusted operating systems

Hyung Chan Kim, Wook Shin, R. S. Ramakrishna, Kouichi Sakurai

Research output: Chapter in Book/Report/Conference proceeding > Conference contribution

2 Citations (Scopus)

Abstract

Conventional access control schemes have supported confidentiality and integrity acknowledging the necessary organizational security policy in operating systems. However, many runtime attacks in operating systems involve behavioral semantics, indicating that attacks should be seen as a sequence of access operations. Ironically these attacks are legitimate under any access control policy. This is due to the lack of behavioral dimension in security enforcement. We propose an extended reference monitor to include this dimension. Our method is based on safety property specification on system call sequences. The reference monitor checks the trace at runtime for behavior control in Linux operating system.

Original language: English
Title of host publication: Information Security Practice and Experience - Second International Conference, ISPEC 2006, Proceedings
Pages: 235-247
Number of pages: 13
Publication status: Published - Jul 10 2006
Event: 2nd International Conference on Information Security Practice and Experience, ISPEC 2006 - Hangzhou, China
Duration: Apr 11 2006 → Apr 14 2006

Publication series

Name: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume: 3903 LNCS
ISSN (Print): 0302-9743
ISSN (Electronic): 1611-3349

Other

Other: 2nd International Conference on Information Security Practice and Experience, ISPEC 2006
Country: China
City: Hangzhou
Period: 4/11/06 → 4/14/06

Fingerprint

Organizational Policy
Behavior Control
Confidentiality
Semantics
Access control
Operating Systems
Monitor
Attack
Access Control
Safety
Computer operating systems
Security Policy
Linux
Control Policy
Specifications
Integrity
Trace
Specification
Necessary
Design

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • Computer Science(all)

Cite this

Kim, H. C., Shin, W., Ramakrishna, R. S., & Sakurai, K. (2006). Design and implementation of an extended reference monitor for trusted operating systems. In Information Security Practice and Experience - Second International Conference, ISPEC 2006, Proceedings (pp. 235-247). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 3903 LNCS).

Design and implementation of an extended reference monitor for trusted operating systems. / Kim, Hyung Chan; Shin, Wook; Ramakrishna, R. S.; Sakurai, Kouichi.

Information Security Practice and Experience - Second International Conference, ISPEC 2006, Proceedings. 2006. p. 235-247 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 3903 LNCS).

Kim, HC, Shin, W, Ramakrishna, RS & Sakurai, K 2006, Design and implementation of an extended reference monitor for trusted operating systems. in Information Security Practice and Experience - Second International Conference, ISPEC 2006, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 3903 LNCS, pp. 235-247, 2nd International Conference on Information Security Practice and Experience, ISPEC 2006, Hangzhou, China, 4/11/06.
Kim HC, Shin W, Ramakrishna RS, Sakurai K. Design and implementation of an extended reference monitor for trusted operating systems. In Information Security Practice and Experience - Second International Conference, ISPEC 2006, Proceedings. 2006. p. 235-247. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).
Kim, Hyung Chan ; Shin, Wook ; Ramakrishna, R. S. ; Sakurai, Kouichi. / Design and implementation of an extended reference monitor for trusted operating systems. Information Security Practice and Experience - Second International Conference, ISPEC 2006, Proceedings. 2006. pp. 235-247 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).
@inproceedings{4bf8bd10a8bf44e99966cb027c694a8f,
title = "Design and implementation of an extended reference monitor for trusted operating systems",
abstract = "Conventional access control schemes have supported confidentiality and integrity acknowledging the necessary organizational security policy in operating systems. However, many runtime attacks in operating systems involve behavioral semantics, indicating that attacks should be seen as a sequence of access operations. Ironically these attacks are legitimate under any access control policy. This is due to the lack of behavioral dimension in security enforcement. We propose an extended reference monitor to include this dimension. Our method is based on safety property specification on system call sequences. The reference monitor checks the trace at runtime for behavior control in Linux operating system.",
author = "Kim, {Hyung Chan} and Wook Shin and Ramakrishna, {R. S.} and Kouichi Sakurai",
year = "2006",
month = "7",
day = "10",
language = "English",
isbn = "3540330526",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
pages = "235--247",
booktitle = "Information Security Practice and Experience - Second International Conference, ISPEC 2006, Proceedings",

}

TY - GEN

T1 - Design and implementation of an extended reference monitor for trusted operating systems

AU - Kim, Hyung Chan

AU - Shin, Wook

AU - Ramakrishna, R. S.

AU - Sakurai, Kouichi

PY - 2006/7/10

Y1 - 2006/7/10

N2 - Conventional access control schemes have supported confidentiality and integrity acknowledging the necessary organizational security policy in operating systems. However, many runtime attacks in operating systems involve behavioral semantics, indicating that attacks should be seen as a sequence of access operations. Ironically these attacks are legitimate under any access control policy. This is due to the lack of behavioral dimension in security enforcement. We propose an extended reference monitor to include this dimension. Our method is based on safety property specification on system call sequences. The reference monitor checks the trace at runtime for behavior control in Linux operating system.

AB - Conventional access control schemes have supported confidentiality and integrity acknowledging the necessary organizational security policy in operating systems. However, many runtime attacks in operating systems involve behavioral semantics, indicating that attacks should be seen as a sequence of access operations. Ironically these attacks are legitimate under any access control policy. This is due to the lack of behavioral dimension in security enforcement. We propose an extended reference monitor to include this dimension. Our method is based on safety property specification on system call sequences. The reference monitor checks the trace at runtime for behavior control in Linux operating system.

UR - http://www.scopus.com/inward/record.url?scp=33745607332&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=33745607332&partnerID=8YFLogxK

M3 - Conference contribution

SN - 3540330526

SN - 9783540330523

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 235

EP - 247

BT - Information Security Practice and Experience - Second International Conference, ISPEC 2006, Proceedings

ER -