LOMAC: MAC You Can Live With
作者: Timothy Fraser
DOI:
关键词:
摘要: LOMAC is a security enhancement for Linux kernels. demonstrates that it possible to apply Mandatory Access Control techniques standard kernels already deployed in the field, and do so manner simple, compatible, largely invisible traditional user. The Loadable Kernel Module protects integrity of critical system processes files from viruses, worms, Trojan horses, malicious remote users. It compatible with 2.2 applications, seeks provide useful protection without site-specific configuration. designed be form MAC typical users can live with.
linas.org 参考文章(20)
Eric A. Brewer, David Wagner, Ian Goldberg, Randi Thomas, A secure environment for untrusted helper applications confining the Wily Hacker usenix security symposium. pp. 1- 1 ,(1996)
James P. Anderson, Computer Security Technology Planning Study ,(1972)
Daniel F. Sterne, David L. Sherman, Kenneth M. Walker, Lee Badger, A Domain and Type Enforcement UNIX Prototype. Computing Systems. ,vol. 9, pp. 47- 83 ,(1996)
Robert N. M. Watson, TrustedBSD: Adding Trusted Operating System Features to FreeBSD usenix annual technical conference. pp. 15- 28 ,(2001)
Phil Kearns, Serge E. Hallyn, Domain and type enforcement for linux ALS'00 Proceedings of the 4th annual Linux Showcase & Conference - Volume 4. pp. 15- 15 ,(2000) , 10.21220/S2-0X9T-AG80
Steven B. Lipner, Non-Discretionery Controls for Commercial Applications ieee symposium on security and privacy. pp. 2- 2 ,(1982) , 10.1109/SP.1982.10022
Douglas P. Ghormley, Steven H. Rodrigues, Thomas E. Anderson, David Petrou, SLIC: an extensibility system for commodity operating systems usenix annual technical conference. pp. 4- 4 ,(1998)
Peter Loscocco, Stephen Smalley, Integrating Flexible Support for Security Policies into the Linux Operating System usenix annual technical conference. pp. 29- 42 ,(2001)
J.H. Saltzer, M.D. Schroeder, The protection of information in computer systems Proceedings of the IEEE. ,vol. 63, pp. 1278- 1308 ,(1975) , 10.1109/PROC.1975.9939
K. J. Biba, Integrity Considerations for Secure Computer Systems ,(1977)