Title :
Linux kernel loadable wrappers
Author :
Mitchem, Terrance ; Lu, Raymond ; Brien, Richard O. ; Larson, Kent
Author_Institution :
Secure Comput. Corp., Roseville, MN, USA
fDate :
6/22/1905 12:00:00 AM
Abstract :
This paper describes the results of the Hypervisors for Security and Robustness (Kernel Hypervisors) program. Using the concept of a loadable module, kernel loadable wrappers (KLWs) were implemented in a Linux kernel. These kernel loadable wrappers provide unbypassable security wrappers for application specific security requirements and can also be used to provide replication services. KLWs have a number of potential applications, including protecting user systems from malicious active content downloaded via a Web browser and wrapping servers and firewall services for limiting possible compromises. This paper also includes a summary of the composability analysis that was done on the program
Keywords :
Unix; client-server systems; operating system kernels; security of data; Kernel Hypervisors; Linux kernel loadable wrappers; application specific security requirements; browser security; composability analysis; computer security; firewall services; malicious active content; replication services; unbypassable security wrappers; Computer security; Hardware; Information security; Kernel; Lakes; Linux; Protection; Robustness; Virtual machine monitors; Web server;
Conference_Titel :
DARPA Information Survivability Conference and Exposition, 2000. DISCEX '00. Proceedings
Conference_Location :
Hilton Head, SC
Print_ISBN :
0-7695-0490-6
DOI :
10.1109/DISCEX.2000.821528
