A Security Architecture for Adapting Multiple Access Control Models to Operating Systems

In this paper, we propose a new security architecture for adapting multiple access control models to operating systems. As adding a virtual access control system to a proposed security architecture, various access control models such as MAC, DAC, and RBAC are applied to secure operating systems easily. Also, the proposed was designed to overcome the deficiencies of access control in standard operating systems, makes secure OS more available by combining access control models, and apply them to secure OS in runtime.

[1]  Ramaswamy Chandramouli,et al.  The Queen's Guard: A Secure Enforcement of Fine-grained Access Control In Distributed Data Analytics Platforms , 2001, ACM Trans. Inf. Syst. Secur..

[2]  Mike Hibler,et al.  The Flask Security Architecture: System Support for Diverse Security Policies , 1999, USENIX Security Symposium.

[3]  Phil Kearns,et al.  Domain and Type Enforcement for Linux , 2000, Annual Linux Showcase & Conference.

[4]  Bill McCarty,et al.  Selinux: NSA's Open Source Security Enhanced Linux , 2004 .

[5]  Dieter Gollmann,et al.  Computer Security , 1979, Lecture Notes in Computer Science.

[6]  Stephen Smalley,et al.  Integrating Flexible Support for Security Policies into the Linux Operating System , 2001, USENIX Annual Technical Conference, FREENIX Track.

[7]  Crispin Cowan,et al.  Linux security modules: general security support for the linux kernel , 2002, Foundations of Intrusion Tolerant Systems, 2003 [Organically Assured and Survivable Information Systems].

[8]  Timothy Fraser,et al.  LOMAC: Low Water-Mark integrity protection for COTS environments , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[9]  Charles P. Pfleeger,et al.  Security in computing , 1988 .