Search Results

Union filesystem has the advantage of providing a single integrated view of files on the same path by eliminating duplication of files on the same path at the mount point. A directory mounted by union filesystem should not be able to have access to ...

Cloud computing has deeply affected the structure of modern ICT infrastructures. It represents an enabling technology for novel paradigms such as Network Function Virtualisation (NFV), which proposes the virtualisation of network functions to enhance the ...

Android adopted SELinux's mandatory access control (MAC) mechanisms in 2013. Since then, billions of Android devices have benefited from mandatory access control security policies. These policies are expressed in a variety of rules, maintained by Google ...

Smartphones are a critical device in modern society. With the amount of personal data present on many smartphones, protecting their integrity is crucial. The Android operating system employs multiple layers of security to ensure that the system is ...

Although security policies configuration is crucial for operating systems to constrain applications' operations and to protect the confidentiality and integrity of sensitive resources inside the systems, it is an intractable work for security ...

In secure computing systems, isolation between different components is normally the basis for security. However, absolute isolation is seldom desired nor practical. Often for the system to function, a secure communication channel between otherwise ...

In this paper, we propose a visualization-based policy analysis framework that enables system administrators to query and visualize security policies and to easily identify the policy violations, especially focused on SELinux. Furthermore, we propose a ...

Protecting end users from security threats is an extremely difficult, but increasingly critical, problem. Traditional security models that focused on separating users from each other have proven ineffective in an environment of widespread software ...

This paper exhibits a new structure based on a meta-policy approach using an intelligent anomaly based host based intrusion detection system, These access control decisions are decided in agreement with a meta-policy. The combination of policy and host ...

As computing and communications increasingly pervade our lives, security and protection of sensitive data and systems are emerging as extremely important issues. This is especially true for embedded systems, often operating in non-secure environments, ...

The SELinux mandatory access control (MAC) policy has recently added a multilevel security (MLS) model which is able to express a fine granularity of control over a subject's access rights. The problem is that the richness of the SELinux MLS model makes ...

We present various approaches for mitigating malware on mobile devices which we have implemented and evaluated on Google Android. Our work is divided into the following three segments: a host-based intrusion detection framework; an implementation of ...

Google's Android framework incorporates an operating system and software stack for mobile devices. Using a general-purpose operating system such as Linux in mobile devices has advantages but also security risks. Security-Enhanced Linux (SELinux) can ...

SELinux can enforce a policy based on mandatory access control (MAC) for Linux so as to fulfill the security requirements of more strict access control for those hierarchical and classified management organizations or situations. But security policy ...

Access control in SELinux is designed for a mono- lithic operating system. In order to apply SELinux in distributed environments it is necessary to extend the policy specification language to include the no- tion of location. This paper presents a ...

The rapid spread of viruses, worms and undesired software in commercial and private networks has been a driving factor behind computer security research. The subject of preventing rogue software and rogue network traffic has been the focus of a number ...

Secure operating systems (secure OSes) are widely used to limit the damage caused by unauthorized access to Internet servers. However, writing a security policy based on the principle of least privilege for a secure OS is a challenge for an ...

We propose a secure platform on a chip multiprocessor, FIDES, in order to enable next generation mobile terminals to execute downloaded native applications for Linux. Its most important feature is the higher security based on multigrained separation ...

It's very important to analyze and study security mechanisms provided by an operating system. Currently, Linux is becoming one of the most popular operating systems because of its excellent performance and open source philosophy. Since lots of ...

Mobile phone security is a relatively new field that is gathering momentum in the wake of rapid advancements in phone system technology. Mobile phones are now becoming sophisticated smart phones that provide services beyond basic telephony, such as ...