Security On-demand Architecture with Multiple Modules Support

It is very important for a general-purpose operating system to have tunable security so that it can meet different security requirements. This can be achieved by supporting diverse security modules and invoking them on demand. However, the security architectures of existing projects on Linux kernels either do not support this feature or have drawbacks in how they support it. We therefore introduce a layered architecture consisting of an original kernel layer, a module coordination layer and a module decision layer. The architecture supports registration of multiple modules, resolves policy conflicts between modules by changing their invocation order, and allows the user to customize security by enabling or disabling modules at runtime. The detailed structure and implementation in a Linux-based system, SECIMOS, are described. The caching issue and performance are also discussed. Our practice showed that the architecture helps us achieve flexible adaptation in different environments.
