Cui Yan-Li,Zhang Xing

DOI: https://doi.org/10.1109/cnmt.2009.5374540

2009-01-01

Abstract:In the distributed environment, one important security issue is how to apply further security control to the object that is released to other terminals. The appearance of trusted computing technology has provided an effective solution for this issue in the distributed environment. At the same time, through combining trusted computing technology with the strong isolation and sharing characteristic provided by virtual machine technology has further increased the security and the flexibility of distributed access control. Therefore, this paper uses trusted computing technology to improve the security of the terminal in carrying out the distributed access control, designs a trusted terminal architecture that bases on the trusted computing technology and the virtual machine technology as well as a enhanced mode that suits in distributed access control, and on this basis, analyzes the security of system design.

Ines Akaichi,Sabrina Kirrane

DOI: https://doi.org/10.48550/arXiv.2203.04800

2022-03-09

Abstract:The management of data and digital assets poses various challenges, including the need to adhere to legal requirements with respect to personal data protection and copyright. Usage control technologies could be used by software platform providers to manage data and digital assets responsibly and to provide more control to data and digital asset owners. In order to better understand the potential of various usage control proposals, we collate and categorize usage control requirements, compare the predominant usage control frameworks based on said requirements, and identify existing challenges and opportunities that could be used to guide future research directions.

Cryptography and Security

Rui Chang,Liehui Jiang,Wenzhi Chen,Hong-qi He,Shuiqiao Yang,Hang Jiang,Wei Liu,Yong Liu

DOI: https://doi.org/10.1002/cpe.4180

2018-01-01

Abstract:This paper discusses security issues on the user equipment, which is the last mile of social networks. One of the main Achilles' heel of social networks is not the organization of networks themselves, but the user devices, typically Android ones. The existing system of privileges makes it easy to infiltrate the network via applications installed on users' devices. Conventional signature-based and static analysis methods are vulnerable. Access to privacy- and security-relevant parts of the application programming interface is controlled by the corresponding permission in a manifest file. While requesting access to permissions, it may offer opportunities to malicious codes, which will cause security issues. Few works among permission analysis, however, pay attention to the prevention of permission leakage on both hardware and software frameworks. In this paper we tackle the challenge of providing our multilayered permission-based security extension scheme on Android platforms. We propose a usage and access control model and an effective method of preventing permission leakage based on ARM TrustZone security extension mechanism. In contrast to previous work, the proposed security architecture provides a permission-based mandatory access control on Android middleware, Linux kernel, and hardware layers. The evaluation results demonstrate the effectiveness of the proposed scheme in mitigating permission leakage vulnerabilities.

Rui Chang,Liehui Jiang,Wenzhi Chen,Hongqi He,Shuiqiao Yang

DOI: https://doi.org/10.1109/cit.2016.14

2016-01-01

Abstract:As the number of smart devices continues to grow dramatically, programmes and data handled by such smart devices have become the primary targets of hackers and malwares. ARM-Android is the most widespread platform for smart devices. Access to privacy-and security-relevant parts of the API is controlled by the corresponding permission in a manifest. However, while requesting access to permissions, these applications may offer opportunities to malicious codes to gain access to other inaccessible resources which will cause a series of security issues. Recently, many researchers focus on the permission-based mechanism which restricts accesses of users and applications to critical resources on an ARM-Android device. Few works among permission analysis, however, pay attention to the prevention of permission leakage on both hardware and software frameworks. In this paper we tackle the challenge of providing our permission-based security architecture on ARM-Android platform. We propose an usage and access control model and an effective method of preventing permission leakage based on ARM TrustZone security extension. In contrast to previous work, the proposed security architecture provides a flexible mandatory access control on Android middleware, Linux kernel, and hardware layers. The evaluation results demonstrate the effectiveness in mitigating permission leakage vulnerabilities.

Luyang Zhang,Ruonan Rao

DOI: https://doi.org/10.1109/DBTA.2010.5659024

2010-01-01

Abstract:In open pervasive computing environment, various devices and applications are frequently changeable. It is hard to authenticate strange entities for lack of centralized management authority. In order to solve access control problem in open pervasive environment, a trust based access control framework is introduced in this paper, and a corresponding prototype system is designed, implemented and integrated into R-OSGi, which is a widely used middleware in pervasive environment. The system is based on sunxacml and employs Pervasive Trust Management Model as well as XACML based access control policy, supports dynamic trust degree evaluation and trust degree based decision-making for authorization.

Rui Chang,Liehui Jiang,Wenzhi Chen,Yaobin Xie,Zhongyong Lu

DOI: https://doi.org/10.23919/tst.2017.8030534

2017-01-01

Tsinghua Science & Technology

Abstract:The run-time security guarantee is a hotspot in current cyberspace security research, especially on embedded terminals, such as smart hardware as well as wearable and mobile devices. Typically, these devices use universal hardware and software to connect with public networks via the Internet, and are probably open to security threats from Trojan viruses and other malware. As a result, the security of sensitive personal data is threatened and economic interests in the industry are compromised. To address the run-time security problems efficiently, first, a TrustEnclave-based secure architecture is proposed, and the trusted execution environment is constructed by hardware isolation technology. Then the prototype system is implemented on real TrustZone-enabled hardware devices. Finally, both analytical and experimental evaluations are provided. The experimental results demonstrate the effectiveness and feasibility of the proposed security scheme.

Tao ZHANG,Yong ZHANG,Ge NING,Zhong CHEN

DOI: https://doi.org/10.3969/j.issn.1671-1122.2015.12.006

2015-01-01

Abstract:In face of the problem that the vulnerabilities of the common service or process in the Linux system are used to cause the system control to be easily lost, the paper proposes a process access control based on SELinux mandatory access control (PBACS), which can do fine-grained access control for files, processes and services, and can effectively mitigate security threats that caused by the vulnerabilities of system services, thus makes the server system more secure. The paper gives functional test and performance test on PBACS. Test result shows that PBACS meets design requirements, and can provide lower access control granularity in system process level. PBACS can be widely applied to reinforce Linux server system.

HU Da-Lei,ZHOU Xue-Hai

2010-01-01

Abstract:Access control is the mechanism to protect the operating system.At present,most systems lack proper access control mechanism.The implementation of access control mechanisms of the existing security system depends on the specific operating system platform,thus lacking portability.This paper sums up the differences between different platforms and the implementation methods of a variety of secureity systems.It abstracts the platform-dependence of access control mechanism,and designs a platform-independent and flexible access control framework PIFAC.This PIFAC has been implemented in Windows,Linux and Rtems.

Xitao Wen,Yan Chen,Chengchen Hu,Chao Shi,Yi Wang

DOI: https://doi.org/10.1145/2491185.2491212

2013-01-01

Abstract:ABSTRACTThe OpenFlow (OF) paradigm embraces third-party development efforts, and therefore suffers from potential trust issue on OF applications (apps). The abuse of such trust could lead to various types of attacks impacting the entire network. In this paper, we propose PermOF, a fine-grained permission system, as the first line of defense, in order to apply minimum privilege on apps. We summarize a set of 18 permissions to be enforced at the API entry of the controller. To accommodate the isolation requirements, we propose a customized isolation mechanism, which achieves comprehensive resource isolation and access control.

Ines Akaichi

DOI: https://doi.org/10.48550/arXiv.2206.04947

2022-06-10

Cryptography and Security

Abstract:The sharing of data and digital assets in a decentralized settling is associated with various legislative challenges, including, but not limited to, the need to adhere to legal requirements with respect to privacy (e.g. data protection legislation) and copyright (e.g. copyright legislation). In order to enable software platform providers to manage data and digital assets appropriately and to provide more control to data and digital asset owners, usage control technologies could be used to make sure that consumers handle data according to privacy preferences, licenses, regulatory requirements, among others. In this research proposal, we explore the application of usage control in decentralized environments. In particular, we address the challenges related to the specification of usage control policies, the enforcement of the respective policies, and the usability of the tools that are used to administer them.

Quanqi Ye,Heng Chuan Tan,Daisuke Mashima,Binbin Chen,Zbigniew Kalbarczyk

DOI: https://doi.org/10.36227/techrxiv.15147171

2021-08-12

Abstract:Industrial Control Systems (ICS) are traditionally designed to operate in an "air-gapped" environment. With the advent of digital technologies, many ICS are adopting IT solutions to improve interoperability and operational efficiency. Thus, the air-gap assumption no longer holds in practice. Most ICS devices today are modernized with networking capabilities to facilitate system maintenance, upgrades, and troubleshooting. Since these devices are connected to the Internet, ICS networks face the same security threats as regular IT systems. In addition, ICS operators can connect commercial off-the-shelf (COTS) equipment to ICS networks to perform operational tasks. Those COTS devices are usually personal computers or even mobile devices, which can be infected with malware and become weapons against ICS. In this position paper, we examine the design challenges of establishing trust between COTS equipment and ICS. We also present some commonly used security solutions and discuss their deployment challenges due to issues caused by legacy systems. Finally, we introduce the Trusted Execution Environment (TEE), a technology commonly available on modern COTS devices, as a trust anchor for establishing secure communications with the ICS infrastructure. We discuss some research gaps related to the use of TEE and propose some recommendations to guide future research.

Anbang Ruan,Qingni Shen,Liang Gu,Li Wang,Lei Shi,Yahui Yang,Zhong Chen

DOI: https://doi.org/10.1007/978-3-642-11145-7_18

2009-01-01

Abstract:The Trusted Computing Group (TCG) proposed remote attestation as a solution for establishing trust among distributed applications. However, current TCG attestation architecture requires challengers to attest to every program loaded on the target platform, which will increase the attestation overhead and bring privacy leakage and other security risks. In this paper, we define a conceptual model called the Trusted Isolation Environment (TIE) to facilitate remote attestation. We then present the implementation of TIE with our tailored Usage CONtrol model (UCONRA) and a set of system-defined policies. With its continuous and mutable feature and obligation support, we construct the TIE with flexibility. Lastly, we propose our attestation architecture with UCONRA gaining the benefits of scalable and lightweight.

Matthew Lentz,Rijurekha Sen,Peter Druschel,Bobby Bhattacharjee

DOI: https://doi.org/10.48550/arXiv.2001.08840

2020-01-23

Cryptography and Security

Abstract:Reliable on-off control of peripherals on smart devices is a key to security and privacy in many scenarios. Journalists want to reliably turn off radios to protect their sources during investigative reporting. Users wish to ensure cameras and microphones are reliably off during private meetings. In this paper, we present SeCloak, an ARM TrustZone-based solution that ensures reliable on-off control of peripherals even when the platform software is compromised. We design a secure kernel that co-exists with software running on mobile devices (e.g., Android and Linux) without requiring any code modifications. An Android prototype demonstrates that mobile peripherals like radios, cameras, and microphones can be controlled reliably with a very small trusted computing base and with minimal performance overhead.

Amir Mohammad Naseri,Walter Lucia,Mohammad Mannan,Amr Youssef

DOI: https://doi.org/10.1109/icas49788.2021.9551155

2021-08-11

Abstract:Recently, cloud control systems have gained increasing attention from the research community as a solution to implement networked cyber-physical systems (CPSs). Such an architecture can reduce deployment and maintenance costs albeit at the expense of additional security and privacy concerns. In this paper, first, we discuss state-of-the-art security solutions for cloud control systems and their limitations. Then, we propose a novel control architecture based on Trusted Execution Environments (TEE). We show that such an approach can potentially address major security and privacy issues for cloud-hosted control systems. Finally, we present an implementation setup based on Intel Software Guard Extensions (SGX), and validate its effectiveness on a testbed system.

Ennan Zhai,Qingni Shen,Yonggang Wang,Tao Yang,Liping Ding,Sihan Qing

DOI: https://doi.org/10.1007/978-3-642-20291-9_38

2011-01-01

Abstract:Host compromise is a serious security problem for operating systems. Most previous solutions based on integrity protection models are difficult to use: on the other hand, usable integrity protection models can only provide limited protection. This paper presents SecGuard, a secure and practical integrity protection model. To ensure the security of systems. SecGuard provides provable guarantees for operating systems to defend against three categories of threats: network-based threat, IPC communication threat and contaminative file threat. To ensure practicability, SecGuard introduces several novel techniques. For example, SecGuard leverages the information of existing discretionary access control information to initialize integrity labels for subjects and objects in the system. We developed the prototype system of SecGuard based on Linux Security Modules framework (LSM), and evaluated the security and practicability of SecGuard.

Ziyi Su,Frederique Biennier

DOI: https://doi.org/10.48550/arXiv.1305.1727

2013-05-08

Cryptography and Security

Abstract:In an open information systems paradigm, real-time context-awareness is vital for the success of cooperation, therefore dynamic security attributes of partners should considered in coalition for avoiding security conflicts. Furthermore, the cross-boundary asset sharing activities and risks associated to loss of governance call for a continuous regulation of partners' behavior, paying attention to the resource sharing and consuming activities. This paper describes an attribute-based usage control policy shceme compline to this needs. A concise syntax with EBNF is used to summarize the base policy model. The semantics of negotiation process is disambiguated with abductive constraint logic programming (ACLP) and Event Calculus (EC). Then we propose a policy ratification method based on a policy aggregation algebra that elaborate the request space and policy rule relation. This method ensures that, when policies are aggregated due to resource sharing and merging activities, the resulting policy correctly interprets the original security goals of the providers' policies.

LU Gang,SHE Kun,ZHOU Ming-tian,ZHENG Fang-wei,NIU Xin-zheng,LIU Heng,LI Gui-lin

DOI: https://doi.org/10.3321/j.issn:1002-8331.2007.06.024

2007-01-01

Computer Engineering and Applications Journal

Abstract:This paper addresses the issue of secure resource access control in pervasive environments.We study the requirements needed to deploy the access control platform and present a prototype implementation after having presented detailed design thoughts.Combination of PKI,PMI,PRBAC and RBAC are the cornerstone of proposed solution.Main motivation of our work is the absence of significant related work.The prototype implementation has been built and tested,the results are promising.

Ran Yang,Chuang Lin,Yixin Jiang,Xiaowen Chu

DOI: https://doi.org/10.1109/icc.2011.5963329

2011-01-01

Communications

Abstract:The rapid development of applications running on global information infrastructure poses the problem of securing information sharing among domain collaborations. Existing access control models are defective in dynamic authorization based on user's trustworthiness and do not take full advantages of the infrastructure in implementing access control system. In this work, we propose a trust and role based access control model and the corresponding framework in infrastructure-centric environment. With the extension to RBAC model, trust level requirements, which dictate that the roles in the privilege context must be activated by the trustworthy user, can be specified. The comprehensive trust model, which calculates the user's trust level in multiple trust contexts based on behavior histories, is proposed. Moreover, by taking advantages of the infrastructure services, our scheme is flexible and scalable in that system administrators are free to choose custom scoring functions while the infrastructure trust evaluation services are relieved of the heavy burdens of history record maintenance and trust level update.

Xiaojun Ye,Zude Li,Bin Li,Feng Xie

DOI: https://doi.org/10.1109/icebe.2009.31

2009-01-01

Abstract:Dissemination control is concerned with controlling electronic resources even after they have been delivered to a legitimate recipient. This paper proposes a secure resource dissemination system framework in which resource providers and recipients are interacted mutually in an anonymous, accountable, and trustworthy way, while security constraints on diverse resources can be continuously protected along resource distribution. We specify the three-party context-aware trust management and privacy protection mechanism based on part behavior using Dempster-Shafer (D-S) theory. We also discuss main logic functions and procedures in the resource dissemination and usage transaction process.

Yan Li,Huiping Sun,Zhong Chen,Jinqiang Ren,Haining Luo

DOI: https://doi.org/10.1109/SecTech.2008.50

2008-01-01

Abstract:With the development of grid technology, sensitive files and data protection become difficult tasks multi-domains. Traditional access control mechanisms are not suitable to such distributed environment. Several models and mechanisms utilize trust to assist access control decision. But few explicitly consider trust and risk as two separate factors which affect interactions between peers. In this paper, we present a novel mechanism which considers both trust and risk as two vital parameters to assist access control decision. In addition, a novel model of trust evaluation is proposed to represent the confidence in the peer. And to appease people’s anxiety about loss, a new model of risk assessment is also presented to indicate impacts on resources. At the end of this paper, simulation results will indicate that our mechanism is able to secure local system more efficiently and reliably.