Title :
An Executable Code Authorization Model for Secure Operating System
Author :
Zemao, Chen ; Xiaoping, Wu ; Weimin, Tang
Author_Institution :
Dept. of Inf. Security, Naval Univ. of Eng., Wuhan
Abstract :
Executable code not effectively inspected and authorized before its execution has been one of the key reasons for wild spread of malicious codes. This paper proposes a program file authorization model based on an integrity measurement and access control combined methodology. It measures integrity signature of each program file and verifies it with the its original value before its execution. By allowing only running of known and trusted programs, it is able to disable invokes of malicious programs. To protect from attacks which donpsilat modify a program file, an active code authorization scheme is proposed. It divides a program file into an ordered series of code blocks by the return and jump instructions, constructs the integrity signatures of all code blocks respectively at compiling time, then measures and verifies them at run-time. By disallowing unexpected code blocks from running, it is able to prevent invokes of malicious codes injected by attackers.
Keywords :
authorisation; digital signatures; operating systems (computers); program verification; access control methodology; active code authorization scheme; executable code authorization model; malicious codes; operating system security; program file authorization model; program file verification; signature integrity measurement; trusted programs; Access control; Authorization; Computer security; Electronic commerce; Information security; Internet; Operating systems; Protection; Runtime; Time measurement;
Conference_Titel :
Electronic Commerce and Security, 2008 International Symposium on
Conference_Location :
Guangzhou City
Print_ISBN :
978-0-7695-3258-5
DOI :
10.1109/ISECS.2008.43
