• Journal of Information Processing Systems
• /
• v.17 no.4
• /
• pp.834-850
• /
• 2021

IT security companies have been releasing file system filter driver security solutions based on the whitelist, which are being used by several enterprises in the relevant industries. However, in February 2019, a whitelist vulnerability was discovered in Microsoft Edge browser, which allows malicious code to be executed unknown to users. If a hacker had inserted a program that executed malicious code into the whitelist, it would have resulted in considerable damage. File system filter driver security solutions based on the whitelist are discretionary access control (DAC) models. Hence, the whitelist is vulnerable because it only considers the target subject to be accessed, without taking into account the access rights of the file target object. In this study, we propose an industrial device security system for Windows to address this vulnerability, which improves the security of the security policy by determining not only the access rights of the subject but also those of the object through the application of the mandatory access control (MAC) policy in the Windows industrial operating system. The access control method does not base the security policy on the whitelist; instead, by investigating the setting of the security policy not only for the subject but also the object, we propose a method that provides improved stability, compared to the conventional whitelist method.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.10a
• /
• pp.445-446
• /
• 2021

Union file system is a technology that can be used as a single file system by integrating various files and directories. It has the advantage of maintaining the source file/directory used for integration, so it is used in many applications like container platform. When using the union file system, the user accesses the write-able layer, to which the security technology provided by the operating system can be applied. However, there is a disadvantage in that it is difficult to apply a separate security technology to the source file and directory used to create the union file system. In this study, we intend to propose an access control mechanism to deny security threats to source file/directory that may occur when using the union file system. In order to verify the effectiveness of the access control mechanism, it was confirmed that the access control mechanism proposed in this study can protect the source file/directory while maintaining the advantages of the union file system.

• The KIPS Transactions:PartA
• /
• v.15A no.1
• /
• pp.35-44
• /
• 2008

It is important to manage access control for secure ubiquitous applications. In this paper, we present an access-control system for executing policy file which includes access control rules. We implemented Context-aware Access Control Manager(CACM) based on Java Context-Awareness Framework(JCAF) which provides infrastructure and API for creating context-aware applications. CACM controls accesses to method call based on the access control rules in the policy file. We also implemented a support tool to help programmers modify incorrect access control rules using static analysis information, and a simulator for simulating ubiquitous applications. We describe simulation results for several ubiquitous applications.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.2
• /
• pp.319-323
• /
• 2023

In intra-process isolation, file descriptors work as another attack vector from the memory corruption attacks. The attacker can read or write by corrupting file descriptors so they can escape the isolation. In this paper, we propose new lightweight capability-based access control system on file descriptor using ARM's hardware extension, PA(Pointer Authentication). Our system was implemented on Linux kernel module, only shows 5% overhead to control the access on the file descriptor.

• Convergence Security Journal
• /
• v.7 no.4
• /
• pp.123-131
• /
• 2007

Recently, various threat and security incident are occurred for unspecified individuals, and this problem increases as the rapid of information sharing through Internet. The using of Information Security System such as IDS, Firewall, VPN etc. makes this problem minimal. However, professional knowledge or skill is needed in that case, normal user can't operate the Information Security System. This paper designs and implements File Access Control Module(FACM) to use easily for normal user against malicious threats and attacks. The FACM can exclude from malicious threats and attacks based on operation system rather than detection of threats and attacks. The FACM is working not only Windows System but also Linux System, and the FACM has effect on access control, integrity and non-repudiation for a file with an access control over files on the each OS that are used by multi-user.

• The Journal of Society for e-Business Studies
• /
• v.18 no.4
• /
• pp.45-65
• /
• 2013

A design file can get larger in size as the complexity of the target object increases. A large design file may reside in a large parallel computing system, such as cloud computing systems, and many designers may work concurrently on the same design file. In such a case, it is obvious that we need some kind of protection mechanism so that each user can access only the area of the file he or she is entitled to. Two approaches can be taken for this problem: one is the traditional access control mechanisms and the other encryption techniques. We take the latter approach to ensure the safety of the file even in public domain such as clouding systems, and in this paper, we suggest an encryption scheme for a file where the file is encrypted in multi-layer so that each user is allowed to access the file only at the layer for which the user has the proper access right. Each layer of the file is encrypted with different keys and these keys are exposed only to those who have the right access permit. The paper explains the necessary file format to achieve this goal and discusses the file manipulation functions to handle this new file format.

• The KIPS Transactions:PartA
• /
• v.12A no.6 s.96
• /
• pp.493-498
• /
• 2005

P2P service is a method that can share various information through direct connection between computer of a person who have information and a Person who have information without server in the Internet and it is getting a lot of popularity by method for free ex change of file. P2P file sharing systems have become popular as a new paradigm for information exchange. Because all users who use service in P2P file sharing system can use shared files of several users freely by equal access privilege, it is happening the 'free rider' that only download shared file of other users without share own files. Although a user share a malicious file including virus, worm or file that have title differing with actuality contents, can use file sharing service without limitation. In this paper, we propose a method that restrict access of 'free rider' that only download using reputation information that indicate reliability of user. Also, we restrict usage ons hared file of other users about users who share harmful file.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.5
• /
• pp.1131-1139
• /
• 2016

In the Hive file format, the sk(Security Key) cell provides access control to registry key. An attacker can figure out secret information on registry or change the security set-up if she could apply modified hive files on system. This paper presents various methods to change access control of registry key by modifying or replacing cell on hive file. We also discuss threats by access control modification and signs of attacks analysis by modified hive files.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.1
• /
• pp.79-90
• /
• 2017

If digital forensic investigators can utilize file access logs when they audit insider information leakage cases or incident cases, it would be helpful to understand user's behaviors more clearly. There are many known artifacts related to file access in MS Windows. But each of the artifacts often lacks critical information, and they are usually not preserved for enough time. So it is hard to track down what has happened in a real case. In this thesis, I suggest a method to utilize SACL(System Access Control List) which is one of the audit functions provided by MS Windows. By applying this method of strengthening the Windows's audit settings, even small organizations that cannot adopt security solutions can build better environment for conducting digital forensic when an incident occurs.

• Proceedings of the IEEK Conference
• /
• 2005.11a
• /
• pp.1201-1204
• /
• 2005

Whereas conveniences deriving from the development of information and telecommunication technology increase, information outflow and illegal data use are also rapidly on the rise. Consequently, many studies to prevent illegal information outflow are currently under way, and the use of Smart Card is in steep jump. Recently, Java Card is diffused fast as an alternative to complement the technical problems of the Smart Card. This paper designed and materialized the system for multi-users authentication and file access control by user through designing a Java Card applet that is used for information protection and in various application fields. For allowing a file access competence, each user's file access competence is processed via drawing up the access condition table in the applet. Therefore, illegal correction, exposure and destruction of information, which become the concerns when multi-users have an access, can be prevented. In addition, its application becomes possible in the system requiring multi-users certifications.