15,532 research outputs found
A Taxonomy for Attack Patterns on Information Flows in Component-Based Operating Systems
We present a taxonomy and an algebra for attack patterns on component-based
operating systems. In a multilevel security scenario, where isolation of
partitions containing data at different security classifications is the primary
security goal and security breaches are mainly defined as undesired disclosure
or modification of classified data, strict control of information flows is the
ultimate goal. In order to prevent undesired information flows, we provide a
classification of information flow types in a component-based operating system
and, by this, possible patterns to attack the system. The systematic
consideration of informations flows reveals a specific type of operating system
covert channel, the covert physical channel, which connects two former isolated
partitions by emitting physical signals into the computer's environment and
receiving them at another interface.Comment: 9 page
The Android Platform Security Model
Android is the most widely deployed end-user focused operating system. With
its growing set of use cases encompassing communication, navigation, media
consumption, entertainment, finance, health, and access to sensors, actuators,
cameras, or microphones, its underlying security model needs to address a host
of practical threats in a wide variety of scenarios while being useful to
non-security experts. The model needs to strike a difficult balance between
security, privacy, and usability for end users, assurances for app developers,
and system performance under tight hardware constraints. While many of the
underlying design principles have implicitly informed the overall system
architecture, access control mechanisms, and mitigation techniques, the Android
security model has previously not been formally published. This paper aims to
both document the abstract model and discuss its implications. Based on a
definition of the threat model and Android ecosystem context in which it
operates, we analyze how the different security measures in past and current
Android implementations work together to mitigate these threats. There are some
special cases in applying the security model, and we discuss such deliberate
deviations from the abstract model
Deceit: A flexible distributed file system
Deceit, a distributed file system (DFS) being developed at Cornell, focuses on flexible file semantics in relation to efficiency, scalability, and reliability. Deceit servers are interchangeable and collectively provide the illusion of a single, large server machine to any clients of the Deceit service. Non-volatile replicas of each file are stored on a subset of the file servers. The user is able to set parameters on a file to achieve different levels of availability, performance, and one-copy serializability. Deceit also supports a file version control mechanism. In contrast with many recent DFS efforts, Deceit can behave like a plain Sun Network File System (NFS) server and can be used by any NFS client without modifying any client software. The current Deceit prototype uses the ISIS Distributed Programming Environment for all communication and process group management, an approach that reduces system complexity and increases system robustness
- …