Enforcement of integrated security policy in trusted operating systems

Hyung Chan Kim, R. S. Ramakrishna, Wook Shin, Kouichi Sakurai

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Citation (Scopus)

Abstract

The main focus of Trusted Operating System (TOS) research these days is on the enhanced access control of reference monitors which, in turn, control the individual operations on a given access instance. However, many real-life runtime attacks involve behavioral semantics. It is desirable, therefore, to enforce an integrated security policy that includes both behavioral security and access control policies. We have proposed an extended reference monitor to support both access and behavior controls. This results in a sequence of operations which is also of concern in security enforcement. This paper presents the design of the extended reference monitor for integrated policy enforcement and describes its implementation in Linux operating systems.

Original languageEnglish
Title of host publicationAdvances in Information and Computer Security - Second International Workshop on Security, IWSEC 2007, Proceedings
Pages214-229
Number of pages16
Publication statusPublished - Dec 1 2007
Event2nd International Workshop on Security, IWSEC 2007 - Nara, Japan
Duration: Oct 29 2007Oct 31 2007

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume4752 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Other

Other2nd International Workshop on Security, IWSEC 2007
CountryJapan
CityNara
Period10/29/0710/31/07

    Fingerprint

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • Computer Science(all)

Cite this

Kim, H. C., Ramakrishna, R. S., Shin, W., & Sakurai, K. (2007). Enforcement of integrated security policy in trusted operating systems. In Advances in Information and Computer Security - Second International Workshop on Security, IWSEC 2007, Proceedings (pp. 214-229). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 4752 LNCS).