Remus: a security-enhanced operating system

We present a detailed analysis of the UNIX system calls and classify them according to their level of threat with respect to system penetration. Based on these results, an effective mechanism is proposed to control the invocation of critical, from the security viewpoint, system calls. The integratio...

Detailed description

Bibliographic details
Published in: ACM transactions on information and system security 2002, Vol.5 (1), p.36-61
Main authors: Bernaschi, Massimo, Gabrielli, Emanuele, Mancini, Luigi V.
Format: Article
Language: eng
Online access: Full text
container_end_page 61
container_issue 1
container_start_page 36
container_title ACM transactions on information and system security
container_volume 5
creator Bernaschi, Massimo
Gabrielli, Emanuele
Mancini, Luigi V.
description We present a detailed analysis of the UNIX system calls and classify them according to their level of threat with respect to system penetration. Based on these results, an effective mechanism is proposed to control the invocation of critical, from the security viewpoint, system calls. The integration into existing UNIX operating systems is carried out by instrumenting the code of the system calls in such a way that the execution is granted only in the case where the invoking process and the value of the arguments comply with the rules held in an access control database. This method does not require changes in the kernel data structures and algorithms. All kernel modifications are transparent to the application processes that continue to work correctly with no need of source code changes or recompilation. A working prototype has been implemented as a loadable kernel module for the Linux operating system. The prototype is able to detect and block any attacks by which an intruder tries to gain direct access to the system as a privileged user.
doi_str_mv 10.1145/504909.504911
format Article
fulltext fulltext
identifier ISSN: 1094-9224
ispartof ACM transactions on information and system security, 2002, Vol.5 (1), p.36-61
issn 1094-9224
1557-7406
language eng
recordid cdi_crossref_primary_10_1145_504909_504911
source ACM Digital Library Complete
title Remus: a security-enhanced operating system
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-27T03%3A58%3A12IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-crossref&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Remus:%20a%20security-enhanced%20operating%20system&rft.jtitle=ACM%20transactions%20on%20information%20and%20system%20security&rft.au=Bernaschi,%20Massimo&rft.date=2002&rft.volume=5&rft.issue=1&rft.spage=36&rft.epage=61&rft.pages=36-61&rft.issn=1094-9224&rft.eissn=1557-7406&rft_id=info:doi/10.1145/504909.504911&rft_dat=%3Ccrossref%3E10_1145_504909_504911%3C/crossref%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true