Architectural design for a secure Linux operating system

Operating system security has been an active research area for the past several decades, and many security mechanisms have been introduced to harden the operating system. In this paper we focus on securing the Linux operating system. Even though Linux is open source and a large number of people are involved in developing kernel patches for security holes, there is still much malware that exploits the existing vulnerabilities. Using our architecture we aim to minimize the damage done by malware, if not block it altogether. Our architecture is designed to enforce the principle of least privilege, which guarantees that a process receives just enough privilege to perform its task. This ensures that even if the process is compromised it can do only limited damage to the system, since it runs in a sandbox. The major part of our system runs at user level, which makes it portable across distributions. Our system uses a specially structured security ticket to provide fine-grained authorization to user processes, which is not currently possible in the traditional Linux architecture. The security ticket is designed so that it can be inherited by a child process, can be shared, and is unforgeable. The core module of the system is called Secd (Secure Daemon); it authorizes all requests and also manages the security tickets.
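An added sketch (not the paper's code; the abstract does not give the ticket format) of how an unforgeable, inheritable and shareable ticket could be tied to a user-level authorizing daemon. It assumes a MAC key held only by the daemon, privileges expressed as string labels, and that the daemon itself mints every child ticket after checking that the child asks for no more than its parent holds.

```python
import hashlib
import hmac
import json


class Secd:
    """Hypothetical user-level authorization daemon. It is the only holder of
    the MAC key, so a ticket that verifies can only have been produced by it."""

    def __init__(self, key: bytes):
        self._key = key  # never leaves the daemon process

    def _mac(self, owner: str, privs: frozenset) -> str:
        # Canonical encoding so the same privilege set always yields the same MAC.
        body = json.dumps({"owner": owner, "privs": sorted(privs)}, sort_keys=True)
        return hmac.new(self._key, body.encode(), hashlib.sha256).hexdigest()

    def issue(self, owner: str, privs) -> dict:
        """Mint a ticket naming the process and the exact privileges it may use."""
        privs = frozenset(privs)
        return {"owner": owner, "privs": privs, "mac": self._mac(owner, privs)}

    def verify(self, ticket: dict) -> bool:
        """Unforgeability: any edit to owner or privileges invalidates the MAC.
        Sharing: any holder can present the ticket; the daemon checks it."""
        expected = self._mac(ticket["owner"], frozenset(ticket["privs"]))
        return hmac.compare_digest(expected, ticket["mac"])

    def derive(self, parent: dict, child: str, privs) -> dict:
        """Inheritance: a child ticket is minted only from a valid parent and
        only for a subset of the parent's privileges (no escalation)."""
        privs = frozenset(privs)
        if not self.verify(parent) or not privs <= frozenset(parent["privs"]):
            raise PermissionError("invalid parent ticket or privilege escalation")
        return self.issue(child, privs)

    def authorize(self, ticket: dict, op: str) -> bool:
        """Least privilege: a request succeeds only with a valid ticket that
        explicitly lists the requested operation."""
        return self.verify(ticket) and op in ticket["privs"]
```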