• DocumentCode
    1928438
  • Title

    Information Flow and Execution Policy for a Model of Detection without False Negatives

  • Author

    Geller, Stéphane

  • fYear
    2011
  • fDate
    18-21 May 2011
  • Firstpage
    1
  • Lastpage
    9
  • Abstract
    In this paper, we propose an extension of an intrusion detection system, implemented at the operating system level. This model is based on a flow control policy, expressed at the scale of the system objects. The extension presented here takes the execution of processes mechanisms into account and improves the expressivity of the security policy. The model thus becomes usable to restrain information flows realized by processes depending on the user and/or the code of the process. Besides, we prove that this model does not produce false negatives : all the violations of the security policy raise an alert.
  • Keywords
    security of data; supervisory programs; execution policy; flow control policy; information flow; intrusion detection; operating system; security policy; Contamination; Fires; Gold; Irrigation; Linux; Security; Sockets;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Network and Information Systems Security (SAR-SSI), 2011 Conference on
  • Conference_Location
    La Rochelle
  • Print_ISBN
    978-1-4577-0735-3
  • Type

    conf

  • DOI
    10.1109/SAR-SSI.2011.5931385
  • Filename
    5931385