Title
Design of UNIX System for the Prevention of Damage Propagation by Intrusion and Its Implementation Based on 4.4BSD
Abstract
On usual UNIX systems, a privileged user of root is allowed to acquire any user's authority without authentication process. If an intruder obtains the root privilege by taking advantage of system's security hole, he can abuse network reachability of any user of the system to break into other sites. Thus we present a new system design where the authority of users is protected from root by introducing a new user substitution mechanism. However, even if we introduce the new mechanism, on usual UNIX systems, the intruder can get the authority using many other methods for root. We implement the new user substitution mechanism and the mechanisms which prevent the intruder from using such methods in FreeBSD-4.2, and confirm that the system design is effective.
Year: 2001
Venue: ISC
Keywords: network reachability, unix system, root privilege, damage propagation, authentication process, new mechanism, security hole, usual unix system, new system design, privileged user, new user substitution mechanism, system design
Field: Intrusion, Authentication, Computer science, Systems design, Unix, Reachability, System call, Operating system, Distributed computing, The Internet
DocType: Conference
ISBN: 3-540-42662-0
Citations: 0
PageRank: 0.34
References: 8
Authors: 3
Name, Order, Citations, PageRank
Kenji Masui 1163.18
Masahiko Tomoishi 276.18
Naoki Yonezaki 310720.02