Browse > Article
http://dx.doi.org/10.3745/KIPSTD.2003.10D.5.773

Test on the Security and Performance on the Basis of the Access Control Policy Implemented by Secure OS  

Kim, Jeong-Nyeo (한국전자통신연구원)
Sohn, Sung-Won (한국전자통신연구원)
Lee, Chelo-Hoon (충남대학교 컴퓨터공학과)
Publication Information
The KIPS Transactions:PartD / v.10D, no.5, 2003 , pp. 773-780 More about this Journal
Abstract
SecuROS(Secure & Reliable Operating System) prevents and blocks possible system cracking by implementing additional security functions in FreeBSD 4.3 operating system (OS) kernel, including access control, user authentication, audit trail, encryption file system and trusted channel. This paper describes access control technique, which is one of core technologies of SecuROS, introduces the implementations of DAC, MAC and RBAC, all of which are corresponding access control policies, and show security and results of performance measurement on the basis of application of access control policies. Finally, security and performance between conventional OS environment and environment adopting access control policy is described.
Keywords
Secure Operating System; Access Control; Security; Performance;
Citations & Related Records
연도 인용수 순위
  • Reference
1 David F. Ferraiolo, Ravi Sandu and Serban Gavrila, 'A Proposed Standard for Role-Based Access Control,' ACM transaction on Information and System Security, Vol.4, No.3, pp.224-274, Aug., 2001, http://csrc.nist.gov/rbac/   DOI
2 J. G. Ko, J. N. Kim and K. I. Jeong, 'Access Control for Secure FreeBSD Operating System,' Proc. of WISA2001, The Second International Workshop on Information Secu-rity Applications, 2001
3 Peter A. Loscocco, Wtephen D. Dmalley, Patric A. Muc-kelbauer, Ruth C. Taylor, S. Jeff Truner, John F. Farrel, 'The Inevitablity of Failure : The Flawed Assumption of Security in Modern Computing Environments,' National Security Agency, 1997
4 Bell, David Elliott and Leonard J. La Padula, 'Secure computer system : Unified exposition and multics inter-pretation,' MITRE Technical Report 2997, MITRE Corp, Bedford, MA, 1975
5 UNICOS Multilevel Security (MLS) Features Users Guide, SG-21111 10.0, http://rcs21.urz.tu-dresden.de:80/ebt-bin/nph-dweb/dyna web./@Generic_BookTextVie
6 http://www.hpcc.gov/pubs/blue97/nsa/secureos.html
7 http://www.cs.utah.edu/flux/fluke/html/linux.html
8 DOD 5200.28-STD, 'Department of Defense Trusted Com-puter System Evaluation Criteria,' December, 1985
9 D. Ferraolo and R, Kuhn, 'Role-Based Access Control,' Proceeding of the 15th National Computer Security Conference, 1992
10 R. Graubart, 'Operating System Support for Trusted Ap-plications,' Proceedings of the 15th National Computer Security Conference, 1992
11 M. Harrison et al., 'Protection in Operating Systems,' Communications of ACM 19(8), August, 1976   DOI   ScienceOn
12 Secure Computing Corporation, 'Assurance in the Fluke Microkernel : Formal Security Policy Model,' Technical report MD A904-97-C-3047 CDRL A003, March, 1998
13 FreeBSD 4.3-RELEASE Source Code
14 Roos Lindgreen, Herschberg I. S., 'On the Validity of the Bell-Lapadula Model,' Computer & Security, Vol.13, pp. 317-338, 1994   DOI   ScienceOn