DocumentCode
1928438
Title
Information Flow and Execution Policy for a Model of Detection without False Negatives
Author
Geller, Stéphane
fYear
2011
fDate
18-21 May 2011
Firstpage
1
Lastpage
9
Abstract
In this paper, we propose an extension of an intrusion detection system, implemented at the operating system level. This model is based on a flow control policy, expressed at the scale of the system objects. The extension presented here takes the execution of processes mechanisms into account and improves the expressivity of the security policy. The model thus becomes usable to restrain information flows realized by processes depending on the user and/or the code of the process. Besides, we prove that this model does not produce false negatives : all the violations of the security policy raise an alert.
Keywords
security of data; supervisory programs; execution policy; flow control policy; information flow; intrusion detection; operating system; security policy; Contamination; Fires; Gold; Irrigation; Linux; Security; Sockets;
fLanguage
English
Publisher
ieee
Conference_Titel
Network and Information Systems Security (SAR-SSI), 2011 Conference on
Conference_Location
La Rochelle
Print_ISBN
978-1-4577-0735-3
Type
conf
DOI
10.1109/SAR-SSI.2011.5931385
Filename
5931385
Link To Document