Title :
Sandbox System Based on Role and Virtualization
Author :
Li, Zhen ; Tian, Jun-feng ; Wang, Feng-Xian
Author_Institution :
Coll. of Math. & Comput., Hebei Univ., Baoding, China
Abstract :
We present a sandbox system based on role and virtualization applied to intrusion detection, which overcomes some drawbacks of traditional sandbox system: heavy workload of administrating userpsilas access control information, imprecision of access control, security hidden and inconvenient trace record of intrusion in the event of denial of system call, low performance after being incorporated to the original system, etc. We define meta-permission and present role sandbox and virtualization sandbox based on introducing role. This ensures the strong function of intrusion detection based on host. The tests show that the sandbox system can protect system security effectively without imposing heavy performance impact upon operating system.
Keywords :
authorisation; security of data; virtual reality; access control imprecision; access control information; intrusion detection; operating system; sandbox system; virtualization; virtualization sandbox; Access control; Application software; Computer security; Educational institutions; Electronic commerce; Information security; Intrusion detection; Mathematics; Permission; Protection; intrusion detection; role; sandbox; virtualization;
Conference_Titel :
Information Engineering and Electronic Commerce, 2009. IEEC '09. International Symposium on
Conference_Location :
Ternopil
Print_ISBN :
978-0-7695-3686-6
DOI :
10.1109/IEEC.2009.77
