Abstract | ||
---|---|---|
Information flow security has been an important security requirement of existing operating systems, especially for distributed applications. We are interested in protecting information flow security with an eye to information flow integrity and trusted computing. Although people have studied these two aspects already, each alone is insufficient for system security. In this paper, we design an information flow integrity architecture called BIFI based on classical integrity model with trusted computing technology. Firstly, we define an extension to Biba integrity, called Biba-invoke, which has ameliorated the monotonic behavior of Biba. Secondly, in order to support our integrity model, modifications to the SELinux and kernel module of Linux is necessary. We prove that BIFI can protect information flow integrity with only a few changes to existing systems. |
Year | DOI | Venue |
---|---|---|
2008 | 10.1109/CSSE.2008.738 | CSSE (3) |
Keywords | Field | DocType |
system security,information flow integrity architecture,classical integrity model,information flow integrity measurement,monotonic behavior,important security requirement,architectural support,biba integrity,information flow security,kernel module,information flow integrity,integrity model,data integrity,linux,computer architecture,distributed application,trusted computing,information flow,security,operating system | Kernel (linear algebra),Information flow (information theory),Architecture,Trusted Computing,Architectural support,Computer science,Computer security,Data integrity,Software,Integrity measurement,Database,Distributed computing | Conference |
Citations | PageRank | References |
3 | 0.44 | 6 |
Authors | ||
2 |
Name | Order | Citations | PageRank |
---|---|---|---|
Hao Hu | 1 | 20 | 7.76 |
Deng-Guo Feng | 2 | 1991 | 190.95 |