Preventing Intrusions through Non-Interference

نویسنده

  • Marco Giunti
چکیده

The ability to prevent and to detect intrusions in computer systems is often heavily conditioned by having some knowledge of the security flaws of the system under analysis. Discover intrusions is particularly hard in concurrent systems, which contain several interactions among their components; suspicious interactions are usually studied manually by security experts which need to establish if they are dangerous. In this paper, we present an automated method to prevent intrusions in concurrent systems that does not require any previous knowledge of the flaws. We study the behaviour of an abstract model of the system that captures its security-related behaviors; the model contain the trusted components of the system such as the file system, privileged processes, etc. We then check all possible interactions with unprivileged processes to decide if the system contain security flaws. This is accomplished by introducing a non-interference security property which holds for models where unprivileged processes do not have direct or indirect write access to resources with an high security level. The property is based on traces and can be decided by using standard concurrency tools. Our method applies even to models containing information flows among their components; this turns out to be a necessary condition for analyzing interactions of actual computer systems, where privileged processes usually have both read and write access to low resources.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Predicting memory performance under conditions of proactive interference: immediate and delayed judgments of learning.

Four experiments examined the monitoring accuracy of immediate and delayed judgments of learning (JOLs) under conditions of proactive interference (PI). PI was produced using paired-associate learning tasks that conformed to variations of classic A-B, A-D paradigms. Results revealed that the relative monitoring accuracy of interference items was better for delayed than for immediate JOLs. Howev...

متن کامل

205-224 Goolkasian Apr 09.indd

The authors examined the intrusion of lures into sentence recall when manipulating the modality of distractor-word lists and sentences separately. Participants received a list of words followed by a sentence, and the list did or did not contain a lure related to a target in the sentence. Conceptual regeneration of the sentence during recall predicted higher lure intrusions than spontaneous intr...

متن کامل

Commentary: Playing the computer game tetris prior to viewing traumatic film material and subsequent intrusive memories: examining proactive interference

Citation: Ortiz de Gortari AB and Griffiths MD (2016) Commentary: Playing the computer game tetris prior to viewing traumatic film material and subsequent intrusive memories: examining proactive interference. Unwanted visual intrusions are characteristic of Post-Traumatic Stress Disorder (American Psychiatric Association, 2013). One innovative intervention for inhibiting unwanted intrusions is ...

متن کامل

Altercentric Intrusions from Multiple Perspectives: Beyond Dyads

Recent findings suggest that in dyadic contexts observers rapidly and involuntarily process the visual perspective of others and cannot easily resist interference from their viewpoint. To investigate whether spontaneous perspective taking extends beyond dyads, we employed a novel visual perspective task that required participants to select between multiple competing perspectives. Participants w...

متن کامل

Specifying Intrusion Detection and Reaction Policies: An Application of Deontic Logic

The security policy of an information system may include a wide range of different requirements. The literature has primarily focused on access and information flow control requirements and more recently on authentication and usage control requirements. Specifying administration and delegation policies is also an important issue, especially in the context of pervasive distributed systems. In th...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2006