Title :
A secure access control mechanism against Internet crackers
Author :
Kourai, Kenichi ; Chiba, Shigeru
Author_Institution :
Tokyo Univ., Japan
Abstract :
Internet servers are always in danger of being “highjacked” by various attacks, like the buffer overflow attack. We propose a process cleaning technique for making an access control mechanism secure against hijacking. To minimize damage in cases where the full control of the servers is stolen, access restrictions must be imposed on the servers. However, designing a secure access control mechanism is not easy, because that mechanism itself can be a security hole. Process cleaning prevents malicious code injected by a cracker from illegally removing access restrictions from a hijacked server. In this paper, we describe the access control mechanism of our Compacto operating system using process cleaning. According to the results of our experiments, process cleaning can be implemented with acceptable performance overheads
Keywords :
Internet; authorisation; computer crime; computer network management; file servers; network operating systems; telecommunication security; Compacto operating system; Internet crackers; Internet servers; access restrictions; buffer overflow attack; damage minimization; malicious code injection; performance overhead; process cleaning technique; secure access control mechanism; server control hijacking; Access control; Buffer overflow; Cleaning; Electronic mail; File servers; Image restoration; Internet; Operating systems; Protection; Web server;
Conference_Titel :
Distributed Computing Systems, 2001. 21st International Conference on.
Conference_Location :
Mesa, AZ
Print_ISBN :
0-7695-1077-9
DOI :
10.1109/ICDSC.2001.919014
