9 research outputs found

    A Taxonomy for Attack Patterns on Information Flows in Component-Based Operating Systems

    We present a taxonomy and an algebra for attack patterns on component-based operating systems. In a multilevel security scenario, where isolation of partitions containing data at different security classifications is the primary security goal and security breaches are mainly defined as undesired disclosure or modification of classified data, strict control of information flows is the ultimate goal. In order to prevent undesired information flows, we provide a classification of information flow types in a component-based operating system and, by this, possible patterns to attack the system. The systematic consideration of information flows reveals a specific type of operating system covert channel, the covert physical channel, which connects two formerly isolated partitions by emitting physical signals into the computer's environment and receiving them at another interface. Comment: 9 pages

    Layered Security Architecture in Critical Systems (Arquitectura de seguridad por capas en sistemas críticos)

    The rapid advance of technology continually presents us with new tools and facilities for developing electronic and computer systems, which make it possible to improve and/or complement existing procedures in the military field. For this reason, it is essential to identify the risks these technologies may bring, in order to prepare the critical systems developed in that field for possible contingencies. This research considers the possibility of adapting industry techniques, specifically from the area of information security and cyber defense, to the systems developed by the Centro de Investigación y Desarrollo de Software Operacional (hereafter CIDESO), in the domain of critical-purpose systems (both in Command and Control and in disaster support). Track: Information Security. Red de Universidades con Carreras en Informática (RedUNCI)

    A layered approach to simplified access control in virtualized systems

    In this work, we show how the abstraction layer created by a hypervisor, or virtual machine monitor, can be leveraged to reduce the complexity of mandatory access control policies throughout the system. Policies governing access control decisions in today’s systems are complex and monolithic. Achieving strong security guarantees often means restricting usability across the entire system, which is a primary reason why mandatory access controls are rarely deployed. Our architecture uses a hypervisor and multiple virtual machines to decompose policies into multiple layers. This simplifies the policies and their enforcement, while minimizing the overall impact of security on the system. We show that the overhead of decomposing system policies into distinct policies for each layer can be negligible. Our initial implementation confirms that such layering leads to simpler security policies and enforcement mechanisms as well as a more robust layered trusted computing base. We hope that this work serves to start a dialog regarding the use of mandatory access controls within a hypervisor for both increasing security and improving manageability.

    Techniques for Application-Aware Suitability Analysis of Access Control Systems

    Access control, the process of selectively restricting access to a set of resources, is so fundamental to computer security that it has been called the field's traditional center of gravity. As such, a wide variety of systems have been proposed for representing, managing, and enforcing access control policies. Prior work on evaluating access control systems has primarily relied on relative expressiveness analysis, which proves that one system has greater capabilities than another. Although expressiveness is a meaningful basis for comparing access control systems, it does not consider the application in which the system will be deployed. Furthermore, expressiveness is not necessarily a useful way to rank systems; if two systems are expressive enough for a given application, little benefit is derived from choosing the one that has greater expressiveness. On the contrary, many of the concerns that arise when choosing an access control system can be negatively impacted by additional expressiveness: a system that is too complex is often harder to specify policies in, less efficient, or harder to reason about from the perspective of security guarantees. To address these shortcomings, we propose the access control suitability analysis problem, and present a series of techniques for solving it. Suitability analysis evaluates access control systems against the specific demands of the application within which they will be used, and considers a wide range of both expressiveness and ordered cost metrics. To conduct suitability analysis, we present a two-phase framework consisting of formal reductions for proving qualitative suitability and simulation techniques for evaluating quantitative suitability. In support of this framework we present a fine-grained lattice of reduction properties, as well as Portuno, a flexible simulation engine for conducting cost analysis of access control systems. 
    We evaluate our framework formally, by proving that it satisfies a series of technical requirements, and practically, by presenting several case studies demonstrating its use in conducting analysis in realistic scenarios.

    WICC 2017 : XIX Workshop de Investigadores en Ciencias de la Computación

    Proceedings of the XIX Workshop de Investigadores en Ciencias de la Computación (WICC 2017), held at the Instituto Tecnológico de Buenos Aires (ITBA) on 27 and 28 April 2017. Red de Universidades con Carreras en Informática (RedUNCI)