TrustedBox: a kernel-level integrity checker

Author

Iglio, Pietro

Author_Institution

Fondazione Ugo Bordoni, Rome, Italy

fYear

1999

fDate

1999

Firstpage

189

Lastpage

198

Abstract

There is a large number of situations in which computer security is unpopular. In fact, common users do not like too much restricted security policies. Usability is often preferred to security. Many users want to be free to use their computers to run untrusted applications. Moreover, it is not possible to require that every computer user is a security expert. As a consequence, it is very easy for hackers to gain access to a computer system, and to perform a number of unauthorized operations. In this paper we focus on the problem of system integrity. There are some applications in which system integrity is at least as important as privacy and service availability. For this purpose, we have designed and implemented TrustedBox, a kernel-level integrity checker that can be used to enforce a very restricted security policy and that allows users to use the same system to perform untrusted operations

Keywords

data integrity; operating system kernels; security of data; TrustedBox; computer security; kernel-level integrity checker; restricted security policy; system integrity; untrusted application; usability; Application software; Availability; Computer hacking; Computer security; Performance gain; Privacy; Usability;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer Security Applications Conference, 1999. (ACSAC '99) Proceedings. 15th Annual

Conference_Location

Phoenix, AZ

ISSN

1063-9527

Print_ISBN

0-7695-0346-2

Type

conf

DOI

10.1109/CSAC.1999.816027

Filename

816027