Article

Usable Mandatory Integrity Protection for Operating Systems

Authors:

Ninghui Li,

Ziqing Mao,

Hong ChenAuthors Info & Claims

SP '07: Proceedings of the 2007 IEEE Symposium on Security and Privacy

Pages 164 - 178

https://doi.org/10.1109/SP.2007.37

Published: 20 May 2007 Publication History

Publisher Site

Abstract

Existing mandatory access control systems for operating systems are difficult to use. We identify several principles for designing usable access control systems and introduce the Usable Mandatory Integrity Protection (UMIP) model that adds usable mandatory access control to operating systems. The UMIP model is designed to preserve system integrity in the face of network-based attacks. The usability goals for UMIP are twofold. First, configuring a UMIP system should not be more difficult than installing and configuring an operating system. Second, existing applications and common usage practices can still be used under UMIP. UMIP has several novel features to achieve these goals. For example, it introduces several concepts for expressing partial trust in programs. Furthermore, it leverages information in the existing discretionary access control mechanism to derive file labels for mandatory integrity protection. We also discuss our implementation of the UMIP model for Linux using the Linux Security Modules framework, and show that it is simple to configure, has low overhead, and effectively defends against a number of network-based attacks.

Cited By

View all

Yuan ZLi WYang ZSun LDu XZhang H(2021)A Noninterference Model for Mobile OS Information Flow Control and Its Policy VerificationSecurity and Communication Networks10.1155/2021/24818182021Online publication date: 1-Jan-2021
https://dl.acm.org/doi/10.1155/2021/2481818
Sze WSekar R(2015)Provenance-based Integrity Protection for WindowsProceedings of the 31st Annual Computer Security Applications Conference10.1145/2818000.2818011(211-220)Online publication date: 7-Dec-2015
https://dl.acm.org/doi/10.1145/2818000.2818011
Jaeger TGe XMuthukumaran DRueda SSchiffman JVijayakumar H(2015)Designing for Attack SurfacesProceedings of the 5th International Conference on Security, Privacy, and Applied Cryptography Engineering - Volume 935410.1007/978-3-319-24126-5_4(55-74)Online publication date: 3-Oct-2015
https://dl.acm.org/doi/10.1007/978-3-319-24126-5_4
Show More Cited By

Index Terms

Usable Mandatory Integrity Protection for Operating Systems
1. Security and privacy
  1. Security services
    1. Access control
  2. Systems security
    1. Information flow control
    2. Operating systems security
2. Social and professional topics
  1. Computing / technology policy
    1. Computer crime

Recommendations

Combining Discretionary Policy with Mandatory Information Flow in Operating Systems

Discretionary Access Control (DAC) is the primary access control mechanism in today’s major operating systems. It is, however, vulnerable to Trojan Horse attacks and attacks exploiting buggy software. We propose to combine the discretionary policy in ...
Accommodative mandatory access control
Configuring role-based access control to enforce mandatory and discretionary access control policies

Access control models have traditionally included mandatory access control (or lattice-based access control) and discretionary access control. Subsequently, role-based access control has been introduced, along with claims that its mechanisms are general ...

Comments

Information & Contributors

Information

Published In

SP '07: Proceedings of the 2007 IEEE Symposium on Security and Privacy

May 2007

362 pages

ISBN:0769528481

Publisher

IEEE Computer Society

United States

Publication History

Published: 20 May 2007

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

21
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 09 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Yuan ZLi WYang ZSun LDu XZhang H(2021)A Noninterference Model for Mobile OS Information Flow Control and Its Policy VerificationSecurity and Communication Networks10.1155/2021/24818182021Online publication date: 1-Jan-2021
https://dl.acm.org/doi/10.1155/2021/2481818
Sze WSekar R(2015)Provenance-based Integrity Protection for WindowsProceedings of the 31st Annual Computer Security Applications Conference10.1145/2818000.2818011(211-220)Online publication date: 7-Dec-2015
https://dl.acm.org/doi/10.1145/2818000.2818011
Jaeger TGe XMuthukumaran DRueda SSchiffman JVijayakumar H(2015)Designing for Attack SurfacesProceedings of the 5th International Conference on Security, Privacy, and Applied Cryptography Engineering - Volume 935410.1007/978-3-319-24126-5_4(55-74)Online publication date: 3-Oct-2015
https://dl.acm.org/doi/10.1007/978-3-319-24126-5_4
Sze WSekar ROsborn STripunitara MMolloy I(2014)Comprehensive integrity protection for desktop linuxProceedings of the 19th ACM symposium on Access control models and technologies10.1145/2613087.2613112(89-92)Online publication date: 25-Jun-2014
https://dl.acm.org/doi/10.1145/2613087.2613112
Sze WMital BSekar ROsborn STripunitara MMolloy I(2014)Towards more usable information flow policies for contemporary operating systemsProceedings of the 19th ACM symposium on Access control models and technologies10.1145/2613087.2613110(75-84)Online publication date: 25-Jun-2014
https://dl.acm.org/doi/10.1145/2613087.2613110
Win TTianfield HMair Q(2014)Virtualization Security Combining Mandatory Access Control and Virtual Machine IntrospectionProceedings of the 2014 IEEE/ACM 7th International Conference on Utility and Cloud Computing10.1109/UCC.2014.165(1004-1009)Online publication date: 8-Dec-2014
https://dl.acm.org/doi/10.1109/UCC.2014.165
Sze WSekar RPayne C(2013)A portable user-level approach for system-wide integrity protectionProceedings of the 29th Annual Computer Security Applications Conference10.1145/2523649.2523655(219-228)Online publication date: 9-Dec-2013
https://dl.acm.org/doi/10.1145/2523649.2523655
Muthukumaran DRueda STalele NVijayakumar HTeutsch JJaeger TZakon R(2012)Transforming commodity security policies to enforce Clark-Wilson integrityProceedings of the 28th Annual Computer Security Applications Conference10.1145/2420950.2420991(269-278)Online publication date: 3-Dec-2012
https://dl.acm.org/doi/10.1145/2420950.2420991
Almohri HYao DKafura DBertino ESandhu R(2012)Identifying native applications with high assuranceProceedings of the second ACM conference on Data and Application Security and Privacy10.1145/2133601.2133635(275-282)Online publication date: 7-Feb-2012
https://dl.acm.org/doi/10.1145/2133601.2133635
Schiffman JVijayakumar HJaeger T(2012)Verifying system integrity by proxyProceedings of the 5th international conference on Trust and Trustworthy Computing10.1007/978-3-642-30921-2_11(179-200)Online publication date: 13-Jun-2012
https://dl.acm.org/doi/10.1007/978-3-642-30921-2_11
Show More Cited By

Abstract

Cited By

Index Terms

Recommendations

Combining Discretionary Policy with Mandatory Information Flow in Operating Systems

Accommodative mandatory access control

Configuring role-based access control to enforce mandatory and discretionary access control policies

Comments

Information

Published In

Publisher

Publication History

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations