A Black-Box Tracing Technique to Identify Causes of Least-Privilege Incompatibilities
نویسندگان
چکیده
Most Windows users run all the time with Administrator privileges, equivalent to root privileges on a UNIX system. The possession of Administrator privileges by every user significantly increases the vulnerability of Windows systems. For example, simply compromising a user network service, such as an instant messaging client, provides an attacker complete control of the system. We address this problem by making it easier to develop applications that do not require Administrator privileges, thereby decreasing the inconvenience of running without Administrator privileges. To this end, we present a novel tracing technique for identifying the reasons applications require Administrator privileges (which we refer to as least-privilege incompatibilities). Our evaluation on a number of real-world applications shows that our tracing technique significantly helps developers fix least-privilege incompatibilities and can also help system administrators mitigate the impact of least-privilege incompatibilities in the near term through local system policy changes.
منابع مشابه
Self Protecting Pirates and Black-Box Traitor Tracing
We present a new generic black-box traitor tracing model in which the pirate-decoder employs a self-protection technique. This mechanism is simple, easy to implement in any (software or hardware) device and is a natural way by which a pirate (an adversary) which is black-box accessible, may try to evade detection. We present a necessary combinatorial condition for black-box traitor tracing of s...
متن کاملA Public-Key Black-Box Traitor Tracing Scheme with Sublinear Ciphertext Size Against Self-Defensive Pirates
We propose a public-key traitor tracing scheme in which (1) the size of a ciphertext is sublinear in the number of receivers and (2) black-box tracing is efficiently achieved against self-defensive pirate decoders. When assuming that a pirate decoder can take some self-defensive reaction (e.g., erasing all of the internal keys and shutting down) to escape from tracing if it detects tracing, it ...
متن کاملSTRIDER: A Black-box, State-based Approach to Change and Configuration Management and Support
We describe a new approach, called Strider, to Change and Configuration Management and Support (CCMS). Strider is a black-box approach: without relying on specifications, it uses state differencing to identify potential causes of differing program behaviors, uses state tracing to identify actual, run-time state dependencies, and uses statistical behavior modeling for noise filtering. Strider is...
متن کاملA Public-Key Traitor Tracing Scheme with Revocation Using Dynamic Shares
We proposed a new public-key traitor tracing scheme with revocation capability using the dynamic share and entity revocation techniques. The enabling block of our scheme is independent of the number of subscribers, but dependent on the collusion and revocation thresholds. Each receiver holds one decryption key only. Our traitor tracing algorithm works in a black-box way and is conceptually simp...
متن کاملAn Attack on A Traitor Tracing Scheme
In Crypto’99, Boneh and Franklin proposed a public key traitor tracing scheme [1], which was believed to be able to catch all traitors while not accusing any innocent users (i.e., full-tracing and errorfree). Assuming that Decision Diffie-Hellman problem is unsolvable in Gq, Boneh and Franklin proved that a decoder cannot distinguish valid ciphertexts from invalid ones that are used for tracing...
متن کامل