Applicability of low water-mark mandatory access control security in Linux-based advanced networked consumer electronics

Author

Guo, Jinhong K. ; Johnson, Stephen ; Braun, David ; Park, II-Pyung

Author_Institution

Panasonic Inf. & Networking Technols. Lab., USA

fYear

2004

fDate

5-8 Jan. 2004

Firstpage

364

Lastpage

369

Abstract

Linux is an open source operating system that is rapidly gaining popularity in consumer electronic devices, especially in digital audio and video devices. However, with its success in the market, there is a greater need for security. We present a Trojan attack scenario that compromises the security of a Linux-based networked appliance. Then, we demonstrate how a simple low water-mark mandatory access control (LOMAC) module can protect the system against such attacks. However, LOMAC implements this access control by interposition at the kernel´s system call interface and uses implicit attribute mapping to map security attributes to files, which is invasive. We present a LOMAC implementation as a Linux security module (LSM), a new framework for providing standard interfaces to loadable security modules for the Linux kernel.

Keywords

Unix; authorisation; consumer electronics; invasive software; operating system kernels; Linux kernel modules; Linux security module; Trojan attack; advanced networked consumer electronics; digital audio devices; digital video devices; implicit attribute mapping; low water-mark mandatory access control security; open source operating system; system call interface; Access control; Application software; Consumer electronics; Data security; Home appliances; Intelligent networks; Kernel; Linux; Operating systems; Protection;

fLanguage

English

Publisher

ieee

Conference_Titel

Consumer Communications and Networking Conference, 2004. CCNC 2004. First IEEE

Conference_Location

Las Vegas, NV, USA

Print_ISBN

0-7803-8145-9

Type

conf

DOI

10.1109/CCNC.2004.1286889

Filename

1286889