Title :
Information Flow and Execution Policy for a Model of Detection without False Negatives
Author :
Geller, Stéphane
Abstract :
In this paper, we propose an extension of an intrusion detection system implemented at the operating system level. This model is based on a flow control policy expressed at the scale of the system objects. The extension presented here takes process execution mechanisms into account and improves the expressivity of the security policy. The model can thus be used to restrict the information flows performed by processes, depending on the user and/or the code of the process. In addition, we prove that this model does not produce false negatives: all violations of the security policy raise an alert.
Keywords :
security of data; supervisory programs; execution policy; flow control policy; information flow; intrusion detection; operating system; security policy; Contamination; Fires; Gold; Irrigation; Linux; Security; Sockets;
Conference_Title :
Network and Information Systems Security (SAR-SSI), 2011 Conference on
Conference_Location :
La Rochelle
Print_ISBN :
978-1-4577-0735-3
DOI :
10.1109/SAR-SSI.2011.5931385