A hierarchical protection model for protecting against executable content
作者: Takahiro Shinagawa , Kenji Kono , Takashi Masuda , K Words
DOI:
关键词:
摘要: PRESTO, Japan Science and Technology CorporationABSTRACTExecutable content poses a threat of unauthorized accessbecause it contains program code running on the user’smachine. Protecting against executable is difficultbecause inevitable flaws in implementation ofprotection mechanisms. This paper introduces hierarchi-cal protection model to tolerate mecha-nisms. improves both granularity therobustness mechanisms by nesting two pro-tection domains: level-1 domainto providefine-grained access control content, alevel-2 act as fail-safe mechanism.We achievedan efficient hierarchicalprotection that incorporated fine-grained protec-tion domains proposed our previous paper.KEY WORDSExecutable Content, Security, Operating System, Fine-grained Protection Domain
elsevier.com
researchgate.net 参考文章(23)
Takashi Masuda, Takahiro Shinagawa, Kenji Kono, Exploiting Segmentation Mechanism for Protecting against Malicious Mobile Code ,(2000)
Jay Lepreau, Bryan Ford, Evolving mach 3.0 to a migrating thread model usenix winter technical conference. pp. 9- 9 ,(1994)
John Michael Tracey, David L. Cohn, Arindam Banerji, Protected shared libraries: a new approach to modularity and sharing usenix annual technical conference. pp. 5- 5 ,(1997)
Lincoln D. Stein, SBOX: put CGI scripts in a box usenix annual technical conference. pp. 11- 11 ,(1999)
Gustavo Santana, Leonid B. Sheremetov, Miguel Contreras, Agent platform security architecture mathematical methods models and architectures for network security systems. pp. 457- 460 ,(2003) , 10.1007/978-3-540-45215-7_45
Hermann Härtig, Michael Hohmuth, Jochen Liedtke, Sebastian Schönberg, The performance of μ-kernel-based systems symposium on operating systems principles. ,vol. 31, pp. 66- 77 ,(1997) , 10.1145/268998.266660
Trent Jaeger, Atul Prakash, Jochen Liedtke, Nayeem Islam, Flexible control of downloaded executable content ACM Transactions on Information and System Security. ,vol. 2, pp. 177- 228 ,(1999) , 10.1145/317087.317091
Anurag Acharya, Mandar Raje, MAPbox: using parameterized behavior classes to confine untrusted applications usenix security symposium. pp. 1- 1 ,(2000)
Robert Wahbe, Steven Lucco, Thomas E. Anderson, Susan L. Graham, Efficient software-based fault isolation symposium on operating systems principles. ,vol. 27, pp. 203- 216 ,(1993) , 10.1145/168619.168635
Massimo Bernaschi, Emanuele Gabrielli, Luigi V. Mancini, Operating system enhancements to prevent the misuse of system calls computer and communications security. ,vol. 1, pp. 174- 183 ,(2000) , 10.1145/352600.352624