Title :
Protecting Mobile Codes Using the Decentralized Label Model
Author :
Jian-Wei Ye ; Bin-Xing Fang ; Jin-qiao Shi ; Zhi-Gang Wu
Author_Institution :
Sch. of Comput. Sci. & Technol., Harbin Inst. of Technol., Harbin
Abstract :
For protection of the confidentiality and integrity of the mobile codes, this paper proposes a new decentralized label model and a implementation of this model in Linux system, MCGuard. Using MCGuard, the owners can flexibly define their security policies to control the dissemination of their mobile codes just by labelling them. By intercepting system calls, MCGuard inserts an interposition layer between the processes and system calls to control the data flows of mobile codes and guarantee them not to be transmitted to insecure channels and manipulated by malicious principals. In MCGuard, the labelling and control of the mobile codes and their transmitting channels is performed at the level of standard operating system abstractions, and the labels can migrate between hosts. This makes the MCGuard applicable in mobile code systems composed of the stock Linux OS and existing mobile codes.
Keywords :
Linux; distributed programming; security of data; Linux system; MCGuard; decentralized label model; mobile codes; Control systems; Hardware; Information management; Kernel; Labeling; Linux; Mobile computing; Operating systems; Protection; Security; confidentiality; integrity; label; mobile code; operating system abstractions;
Conference_Titel :
Web-Age Information Management, 2008. WAIM '08. The Ninth International Conference on
Conference_Location :
Zhangjiajie Hunan
Print_ISBN :
978-0-7695-3185-4
Electronic_ISBN :
978-0-7695-3185-4
DOI :
10.1109/WAIM.2008.102
