Security Improvement of File System Filter Driver in Windows Embedded OS |
Seong, Yeon Sang
(Dept. of Computer Science Engineering, Chungnam National University)
Cho, Chaeho (Dept. of Computer Science Engineering, Chungnam National University) Jun, Young Pyo (Software Division, Yonsei University MIRAE Campus) Won, Yoojae (Dept. of Computer Science Engineering, Chungnam National University) |
1 | Red Hat Enterprise Linux 7, "SELinux User's and Administrator's Guide," 2021 [Online]. Available: https://access.redhat.com/documentation/enus/red_hat_enterprise_linux/7/html/selinux_users_and_administrators_guide/index. |
2 | H. Yoo, J. H. Yun, and T. Shon, "Whitelist-based anomaly detection for industrial control system security," The Journal of Korean Institute of Communications and Information Sciences, vol. 38, no. 8, pp. 641-653, 2013. |
3 | Microsoft, "CVE-2019-0641: Microsoft Edge Security Feature Bypass Vulnerability," 2019 [Online]. Available: https://msrc.microsoft.com/update-guide/en-us/vulnerability/CVE-2019-0641. |
4 | S. Parkinson, S. Khan, J. Bray, and D. Shreef, "Creeper: a tool for detecting permission creep in file system access controls," Cybersecurity, vol. 2, article no. 14, 2019. https://doi.org/10.1186/s42400-019-0031-1 DOI |
5 | K. Fan, X. Yao, X. Fan, Y. Wang, and M. Chen, "A new usage control protocol for data protection of cloud environment," EURASIP Journal on Information Security, vol. 2016, article no. 7, 2016. https://doi.org/10.1186/s13635-016-0031-6 DOI |
6 | S. S. Park, "A study on the whitelist-based process control method for security of POS system," M.S. thesis, Department of Information Security, Sungkyunkwan University, Seoul, Korea, 2016. |
7 | K. Srinivasan, C. Y. Chang, C. H. Huang, M. H. Chang, A. Sharma, and A. Ankur, "An efficient implementation of mobile raspberry Pi Hadoop clusters for robust and augmented computing performance," Journal of Information Processing Systems, vol. 14, no. 4, pp. 989-1009, 2018. DOI |
8 | Telecommunications Technology Association, "Security requirements of the POS system (TTAK.KO12.0181)," 2011 [Online]. Available: http://www.tta.or.kr/data/ttas_view.jsp?totalSu=643&by=desc&order=publish_date&rn=1&pk_num=TTAK.KO-12.0181&nowSu=251. |
9 | AhnLab, "POS threat, flaw attack," 2015 [Online]. Available: https://www.ahnlab.com/kr/site/securityinfo/secunews/secuNewsView.do?menu_dist=2&curPage=1&seq=23403. |
10 | I. Fratric, "Microsoft Edge: Default Flash click2play whitelist is insecure," 2019 [Online]. Available: https://bugs.chromium.org/p/project-zero/issues/detail?id=1722. |
11 | S. J. Kim, "A study of effective rootkit-detection based on Windows system," Master's thesis, Konkuk University, Seoul, Korea, 2008 |
12 | Microsoft," File Systems driver design guide," 2020 [Online]. Available: http://msdn.microsoft.com/kokr/windows/hardware/gg462968. |
13 | G. S. Mahmood, D. J. Huang, and B. A. Jaleel, "A secure cloud computing system by using encryption and access control model," Journal of Information Processing Systems, vol. 15, no. 3, pp. 538-549, 2019. DOI |
14 | S. P. Hong, "Design and implementation of mandatory access control based on Linux kernel," Master's thesis, Hanseo University, Seosan, Korea, 2001. |
15 | Y. Jing, J. H. Kim, and D. W. Jeong, "a universal model for policy-based access control-enabled ubiquitous computing," Journal of Information Processing Systems, vol. 2, no. 1, pp. 28-33, 2006. DOI |
16 | B. S. Choi, "Design and implementation of secure Linux kernel based on RBAC mechanism," Master's thesis, Hannam University, Daejeon, Korea, 2004. |
17 | C. Bodei, P. Degano, F. Nielson, and H. R. Nielson, "Static analysis of processes for no read-up and no writedown," in Foundations of Software Science and Computation Structure. Heidelberg, Germany: Springer, 1999, pp. 120-134. |
18 | J. N. Kim, S. W. Sohn, and C. H. Lee, "Test on the security and performance on the basis of the access control policy implemented by secure OS," The KIPS Transactions: Part D, vol. 10, no. 5, pp. 773-780, 2003. |
19 | A. Rafique, D. Van Landuyt, E. Truyen, V. Reniers, and W. Joosen, "SCOPE: self-adaptive and policy-based data management middleware for federated clouds," Journal of Internet Services and Applications, vol. 10, article no. 2, 2019. https://doi.org/10.1186/s13174-018-0101-8 DOI |
20 | D. E. Bell and L. J. La Padula, "Secure computer system: Unified exposition and multics interpretation," MITRE Corp., Bedford, MA, Technical Report No. 2997, 1976. |
21 | S. G. Hong, "Study on strengthening document security using file system driver," PhD dissertation, ChungAng University, Seoul, Korea, 2011. |