Formally Specifying Linux Protection
Author
Abstract
Authorization and protection deal with the problem of controlling access to resources. A key aspect of modern computing systems is resource sharing, so a need arose to restrict access to these resources to authorized users only. In multi-user operating systems (such as Linux) authorization is of great interest. Computer security, and authorization as a subset of it, is characterized by the fact that a security fault or hole can be very costly. It is therefore of great interest to formalize and reason about security. Z notation is a powerful, well-known formal notation based on set theory and predicate calculus which provides both abstraction and formalism. This work reports a formal expression in the Z notation for the basic protection (authorization) system of the Linux operating system.
Similar References
Message filters for hardening the Linux kernel
Various mechanisms for hardening the Linux kernel (for example, enforcing system call policies, device driver failure recovery, protection against exploitation of bugs in code) are proposed in the literature. The main problem with these mechanisms is that they require changes in the kernel code, leading to the possibility of introducing new bugs and hence increasing the testing time. We propose...
Attacking, Repairing, and Verifying SecVisor: A Retrospective on the Security of a Hypervisor (CMU-CyLab-08-008)
SecVisor is a hypervisor designed to guarantee that only code approved by the user of a system executes at the privilege level of the OS kernel [17]. We employ a model checker to verify the design properties of SecVisor and identify two design-level attacks that violate SecVisor’s security requirements. Despite SecVisor’s narrow interface and tiny code size, our attacks were overlooked in both ...
Conformance Verification of Privacy Policies
Web applications are both the consumers and providers of information. To increase customer confidence, many websites choose to publish their privacy protection policies. However, policy conformance is often neglected. We propose a logic based framework for formally specifying and reasoning about the implementation of privacy protection by a web application. A first order extension of computatio...
Attacking, Repairing, and Verifying SecVisor: A Retrospective on the Security of a Hypervisor
SecVisor is a hypervisor designed to guarantee that only code approved by the user of a system executes at the privilege level of the OS kernel [17]. We employ a model checker to verify the design properties of SecVisor and identify two design-level attacks that violate SecVisor’s security requirements. Despite SecVisor’s narrow interface and tiny code size, our attacks were overlooked in both ...
Global-scale Service Deployment in the XenoServer Platform
We are building the XenoServer platform for global computing, a public infrastructure capable of safely hosting untrusted distributed services on behalf of uncooperative paying clients. Service components execute on one or more XenoServers within resource-managed Virtual Machines (VMs) which provide resource isolation, protection, and allow the execution of arbitrary applications and services. ...