Compatible and Usable Mandatory Access Control for Good-enough OS Security
OS compromise is one of the most serious computer security problems today, but still not being resolved. Although people proposed different kinds of methods, they could not be accepted by most users who are non-expert due to the lack of compatibility and usability. In this paper, we introduce a kind of new mandatory access control model, named CLMAC, that aims to achieve good-enough security, high compatibility and usability. It has two novel features. One is access control based on tracing potential intrusion that can reduce false negatives and facilitate security configuration, in order to improve both compatibility and usability; the other is automatically figuring out all of the compatibility exceptions that usually incurs incompatible problems. The experiments performed on the prototype show that CLMAC can defense attacks from network, mobile disk and local untrustable users while keeping good compatibility and usability.
Access Control Compatibility Usability
Zhiyong Shan
Computer Science Department, Renmin University of China Computer Science Department, State University of New York at Stony Brook Beijing, China
国际会议
Second International Symposium on Electronic Commerce and Security(第二届电子商务与安全国际研究大会)(ISECS 2009)
南昌
英文
246-250
2009-05-22(万方平台首次上网日期,不代表论文的发表时间)