By Topic

Compatible and Usable Mandatory Access Control for Good-enough OS Security

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

1 Author(s)
Zhiyong Shan ; Comput. Sci. Dept., Renmin Univ. of China, Beijing, China

OS compromise is one of the most serious computer security problems today, but still not being resolved. Although people proposed different kinds of methods, they could not be accepted by most users who are non-expert due to the lack of compatibility and usability. In this paper, we introduce a kind of new mandatory access control model, named CUMAC, that aims to achieve good-enough security, high compatibility and usability. It has two novel features. One is access control based on tracing potential intrusion that can reduce false negatives and facilitate security configuration, in order to improve both compatibility and usability; the other is automatically figuring out all of the compatibility exceptions that usually incurs incompatible problems. The experiments performed on the prototype show that CUMAC can defense attacks from network, mobile disk and local untrustable users while keeping good compatibility and usability.

Published in:

Electronic Commerce and Security, 2009. ISECS '09. Second International Symposium on  (Volume:1 )

Date of Conference:

22-24 May 2009