Reducing Security Policy Size for Internet Servers in Secure Operating Systems
Abstract
Secure operating systems (secure OSes) are widely used to limit the damage caused by unauthorized access to Internet servers. However, writing a security policy based on the principle of least privilege for a secure OS is a challenge for an administrator. Considering that remote attackers can never attack a server before they establish connections to it, we propose a novel scheme that exploits phases to simplify security policy descriptions for Internet servers. In our scheme, the entire system has two execution phases: an initialization phase and a protocol processing phase. The initialization phase is defined as the phase before the server establishes connections to its clients, and the protocol processing phase is defined as the phase after it establishes connections. The key observation is that access control should be enforced by the secure OS only in the protocol processing phase to defend against remote attacks. Since remote attacks cannot be launched in the initialization phase, a secure OS is not required to enforce access control in this phase. Thus, we can omit the access-control policy in the initialization phase, which effectively reduces the number of policy rules. To prove the effectiveness of our scheme, we wrote security policies for three kinds of Internet servers (HTTP, SMTP, and POP servers). Our experimental results demonstrate that our scheme effectively reduces the number of descriptions; it eliminates 47.2%, 27.5%, and 24.0% of policy rules for HTTP, SMTP, and POP servers, respectively, compared with an existing SELinux policy that includes the initialization of the server.
- 2009-11-01
Authors
-
KONO Kenji
Keio Univ.
-
YOKOYAMA Toshihiro
School for Open and Environmental Systems, Graduate School of Science and Technology, Keio University
-
HANAOKA Miyuki
School for Open and Environmental Systems, Graduate School of Science and Technology, Keio University
-
SHIMAMURA Makoto
School for Open and Environmental Systems, Graduate School of Science and Technology, Keio University
-
KONO Kenji
Department of Information and Computer Science, Faculty of Science and Technology, Keio University
-
SHINAGAWA Takahiro
Department of Computer Science, Graduate School of Systems and Information Engineering, University o
-
Kono Kenji
Department Of Applied Chemistry Graduate School Of Engineering Osaka Prefecture University
Related papers
- Virtual Machine Technology as a "Means" (Introduction to the FY2009 (Heisei 21) Paper Award-Winning Paper)
- Reducing Security Policy Size for Internet Servers in Secure Operating Systems
- Filtering False Positives Based on Server-Side Behaviors
- A Lightweight Linux Binary Execution System for Using Windows PCs in Grid Environments
- A Strategy for Efficient Update Propagation on Peer-to-Peer Based Content Distribution Networks
- User-level Enforcement of Appropriate Background Process Execution
- Practical Approach to Integrating Network Coordinates with Distributed Hash Tables
- TCP Reassembler for Layer7-Aware Network Intrusion Detection/Prevention Systems(Dependable Computing)
- P2P-Based Approach to Finding Replica Server Locations for Alleviating Flash Crowds
- Using a Virtual Machine Monitor to Slow Down CPU Speed for Embedded Time-Sensitive Software Testing
- A State-Aware Protocol Fuzzer Based on Application-Layer Protocols
- Clustering Performance Anomalies Based on Similarity in Processing Time Changes
- Dendrimer-based bionanomaterials produced by surface modification, assembly and hybrid formation
- MashCache: Taming Flash Crowds by Using Their Good Features
- Lightweight Recovery from Kernel Failures Using Phase-based Reboot
- Using Fault Injection to Analyze the Scope of Error Propagation in Linux
- Honeyguide: A VM Migration-Aware Network Topology for Saving Energy Consumption in Data Center Networks
- Automatically Checking for Session Management Vulnerabilities in Web Applications
- Lipid-coating on polyamide microcapsules having long alkyl chains and the characterization of the lipid-coated surface.
- Strategy for Selecting Replica Server Spots on the Basis of Demand Fluctuations
- DiscNice: User-level Regulation of Disk Bandwidth