350 rub
Journal: Highly Available Systems, No. 2, 2012.
Article in issue:
Hard principle of least privilege for fine-grained access control and computer attack mitigation
Authors:
P.S. Bushmakin, A.V. Sapozhnikov, D.Yu. Gamayunov
Abstract:
The principle of least privilege is widely recognized in the field of operating systems security: an application should be granted only the minimal set of privileges necessary for its normal execution. In this paper we investigate the possibility of implementing a hard principle of least privilege, in which the set of privileges available to a given application changes over time according to the actually observed path of the application's execution. We propose an implementation of the hard principle of least privilege for the Linux operating system for different types of applications, including multithreaded applications, where privilege control must be performed independently for each of the application's threads. The proposed attack mitigation architecture looks especially promising for mobile security.
Pages: 23-32
References
  1. Davi L., Dmitrienko A., Egele M., Fischer T., Holz T., Hund R., Nürnberger S., Sadeghi A.-R. MoCFI: A Framework to Mitigate Control-Flow Attacks on Smartphones // In Proc. of the 19th Annual Network & Distributed System Security Symposium (NDSS), February 2012.
  2. Bugiel S., Davi L., Dmitrienko A., Fischer T., Sadeghi A.-R., Shastry B. Towards Taming Privilege-Escalation Attacks on Android // In Proc. of the 19th Annual Network & Distributed System Security Symposium (NDSS), February 2012.
  3. Martinelli F., Matteucci I. Through modeling to synthesis of security automata // In Proc. of ENTCS STM06, 2006.
  4. Bauer L., Ligatti J., Walker D. Composing expressive run-time security policies // ACM Transactions on Software Engineering and Methodology. V. 18. No. 3. Article 9. 2009.
  5. Bittau A., Marchenko P., Handley M., Karp B. Wedge: Splitting Applications into Reduced-Privilege Compartments // In Proc. of the 5th USENIX Symposium on Networked Systems Design and Implementation (NSDI), 2008. P. 309-322.
  6. Watson R.N.M., Anderson J., Laurie B., Kennaway K. Capsicum: practical capabilities for UNIX // In Proc. of the 19th USENIX Security Symposium, 2010.
  7. CIL: Infrastructure for C Program Analysis and Transformation [HTML] (http://hal.cs.berkeley.edu/cil/)
  8. The libunwind project [HTML] (http://www.nongnu.org/libunwind/)
  9. Gamayunov D.Yu., Gornak T.A., Sapozhnikov A.V., Sakharov F.V., Toroshchin E.S. Granular security control of application behaviour from the Linux kernel // Information and methodological journal "Zashchita informatsii. Inside". No. 4. St. Petersburg, 2010. P. 54-58.