Linux security modules: general security support for the linux kernel

Wright, Chris; Cowan, Crispin; Morris, James F.; Smalley, Stephen; Kroah-Hartman, Greg

doi:10.1109/fits.2003.1264934

Cited by 194 publications

(207 citation statements)

References 21 publications

Supporting

Mentioning

203

Contrasting

Unclassified

Order By: Relevance

“…An attacker overwrites a function pointer with the address of a function provided by the attacker, which will then allow the attacker to interpose on a desired set of kernel operations. In some sense, Linux Security Modules provide similar hooks for security enhancements [91]; the primary difference is that KOH repurposes other hooks used for purposes such as implementing an extensible virtual file system (VFS) model. The defenses against KOH attacks generally depend on whether the hook is located in the text or data segment.…”

Section: A Kernel Object Hookingmentioning

confidence: 99%

See 1 more Smart Citation

SoK: Introspections on Trust and the Semantic Gap

Jain

Baig

Zhang

et al. 2014

2014 IEEE Symposium on Security and Privacy

View full text Add to dashboard Cite

Abstract-An essential goal of Virtual Machine Introspection (VMI) is assuring security policy enforcement and overall functionality in the presence of an untrustworthy OS. A fundamental obstacle to this goal is the difficulty in accurately extracting semantic meaning from the hypervisor's hardwarelevel view of a guest OS, called the semantic gap. Over the twelve years since the semantic gap was identified, immense progress has been made in developing powerful VMI tools.Unfortunately, much of this progress has been made at the cost of reintroducing trust into the guest OS, often in direct contradiction to the underlying threat model motivating the introspection. Although this choice is reasonable in some contexts and has facilitated progress, the ultimate goal of reducing the trusted computing base of software systems is best served by a fresh look at the VMI design space.This paper organizes previous work based on the essential design considerations when building a VMI system, and then explains how these design choices dictate the trust model and security properties of the overall system. The paper then observes portions of the VMI design space which have been under-explored, as well as potential adaptations of existing techniques to bridge the semantic gap without trusting the guest OS.Overall, this paper aims to create an essential checkpoint in the broader quest for meaningful trust in virtualized environments through VM introspection.

show abstract

Section: A Kernel Object Hookingmentioning

confidence: 99%

“…A legacy OS, such as Linux, executes all security modules in the same address space and with the same privilege level as the rest of the kernel [91]. When this is coupled with a porous attack surface, malicious software can often load code into the OS kernel which disables security measures, such as virus scanners and intrusion detection.…”

Section: Introductionmentioning

confidence: 99%

SoK: Introspections on Trust and the Semantic Gap

Jain

Baig

Zhang

et al. 2014

2014 IEEE Symposium on Security and Privacy

View full text Add to dashboard Cite

show abstract

“…Privileges are managed at much higher levels of granularity and security labels are applied on zone level rather than on individual resource level as in SELinux, with no concept of label transitions within a zone. The designers apparently eschewed the flexibility of the LSM/SELinux approach [14,3] in favor of a simpler conceptual model that is easier to use.…”

Section: Related Workmentioning

confidence: 99%

Pastures: Towards Usable Security Policy Engineering

Bratus

Ferguson

McIlroy

et al. 2007

The Second International Conference on Availability, Reliability and Security (ARES'07)

View full text Add to dashboard Cite

show abstract

“…Therefore, a system which has implemented the BLP model is secure and could protect the privacy between information sharing. [21] is a framework in the Linux kernel that supports various computer security models and LSM has nothing to do with any separate security implementation. This framework is licensed under the GNU General Public License and it has been a part of the official Linux kernel since Linux 2.6.…”

Section: Blpmentioning

confidence: 99%

Task‐Oriented Multilevel Cooperative Access Control Scheme for Environment with Virtualization and IoT

Dong

Zhu

Song

et al. 2018

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

With the development of cloud computing technology and the proliferation of the Internet of Things (IoT) terminals, more and more scenes need the collaboration of virtual machines and IoT terminals to resolve. However, there are many severe challenges on the security of virtual machines and IoT terminals. Based on Bell-LaPadula Model (BLP), a task-oriented multilevel cooperative access control scheme virtualization and reality BLP, named VR-BLP, is proposed. Specifically, tasks are created for each user of the platform and tasks and users are divided into multiple levels to provide more granularities to limit access between virtual machines and IoT terminals. Moreover, with network isolation cooperating with process isolation and shared memory isolation mechanisms, VR-BLP is implemented to enhance the security isolations between tasks. Performance evaluations show that VR-BLP enhanced the security of environment with virtualization and IoT without causing significant performance penalty.

show abstract

Linux security modules: general security support for the linux kernel

Cited by 194 publications

References 21 publications

SoK: Introspections on Trust and the Semantic Gap

SoK: Introspections on Trust and the Semantic Gap

Pastures: Towards Usable Security Policy Engineering

Task‐Oriented Multilevel Cooperative Access Control Scheme for Environment with Virtualization and IoT

Contact Info

Product

Resources

About