A Secure Access Control Mechanism against Internet Crackers
نویسندگان
چکیده
Internet servers are always in danger of being “hijacked” by various attacks like the buffer overflow attack. To minimize damages in cases where full control of the servers are stolen, imposing access restrictions on the servers is still needed. However, designing a secure access control mechanism against hijacking is not easy because that mechanism itself can be a security hole. In this paper, we describe the access control mechanism of our Compacto operating system. Compacto uses our new technique called the process cleaning so that malicious code injected by a cracker cannot illegally remove access restrictions from a hijacked server. According to the results of our experiments, the process cleaning can be implemented with acceptable performance overheads.
منابع مشابه
The Use of Data Envelopment Analysis in the Design of Internet Networks to Ensure the Quality of Service
Choosing a superior Internet network by users or providing a desirable Internet network by ISPs is always one of the important decision issues in this area. Choosing a unique optimal network from among the best networks is still a big challenge. The purpose of this paper is to use the data envelopment analysis (DEA) decision-making technique to evaluate the existing Internet networks in order t...
متن کاملA comparative analysis of software protection schemes
In the era of software globalization, the need for securing software is much sought to ensure its smooth functioning for continuous availability of services to the users. Particularly, in cloud computing environment, all the software in the cluster needs to be secured and shielded against unauthorized accesses. Software crackers are always in the search of flaws in the software to obtain access...
متن کاملTowards a Secure Web-Based Health Care Application
though security requirements in health care are traditionally high, most computerized health care applications lack sophisticated security measures or focus only on single security objectives. This paper describes special security problems that arise when processing health care data using public networks such as the Internet. It proposes a structured approach using a context-dependent access co...
متن کاملA Calculus of Secure Mobile Computations ( Preliminary Report ) Jan Vitek
The seal-calculus is a distributed process calculus in which locations and movement of computational entities are explicit. The calculus is targeted at secure distributed applications over large scale open networks such as the Internet. Security is addressed by the addition of a ne-grain access control mechanism. This paper motivates our design choices, presents the syntax and reduction semanti...
متن کاملSecure and auditable agent-based communication protocol for e-health system framework
Security is essential for e-health system as it provides highly sensitive distributed medical data and exchanged among the healthcare professionals, customers and providers over Internet. Internet is an open access system that allows anyone to participate and access the data. Hence, it is necessary to protect the data, service from the unauthorized visibility, use and also maintain a high degre...
متن کامل