LSMPMON: Performance Evaluation Mechanism of LSM-based Secure OS
نویسندگان
چکیده
Security focused OS (Secure OS) is attracting attention as a method for minimizing damage caused by various intrusions. Secure OSs can restrict the damage due to an attack by using Mandatory Access Control (MAC). In some projects, secure OSs for Linux have been developed. In these OSs, different implementation methods have been adopted. However, there is no method for easily evaluating the performance of the secure OS in detail, and the relationship between the implementation method and the performance is not clear. The secure OS in Linux after version 2.6 has often been implemented by Linux Security Modules (LSM). Therefore, we determine the effect of introducing the secure OS on the performance of the OS by using the overhead measurement tool, the LSM Performance Monitor (LSMPMON). This paper reports the evaluation results of three secure OSs on Linux 2.6.36 by LSMPMON. The results show the effect of introducing the secure OS.
منابع مشابه
Evaluation of Performance of Secure OS Using Performance Evaluation Mechanism of LSM-Based LSMPMON
Security focused OS (Secure OS) is attracting attention as a method for minimizing damage caused by various intrusions. Secure OSes can restrict the damage due to an attack by using Mandatory Access Control (MAC). In some projects, secure OSes for Linux have been developed. In these OSes, different implementation methods have been adopted. However, there is no method for easily evaluating the p...
متن کاملSILVER: Fine-Grained and Transparent Protection Domain Primitives in Commodity OS Kernel
Untrusted kernel extensions remain one of the major threats to the security of commodity OS kernels. Current containment approaches still have limitations in terms of security, granularity and flexibility, primarily due to the absence of secure resource management and communication methods. This paper presents SILVER, a framework that offers transparent protection domain primitives to achieve f...
متن کاملSecure Bio-Cryptographic Authentication System for Cardless Automated Teller Machines
Security is a vital issue in the usage of Automated Teller Machine (ATM) for cash, cashless and many off the counter banking transactions. Weaknesses in the use of ATM machine could not only lead to loss of customer’s data confidentiality and integrity but also breach in the verification of user’s authentication. Several challenges are associated with the use of ATM smart card such as: card clo...
متن کاملFuzzy Shannon Entropy: A Hybrid GIS-Based Landslide Susceptibility Mapping Method
Assessing Landslide Susceptibility Mapping (LSM) contributes to reducing the risk of living with landslides. Handling the vagueness associated with LSM is a challenging task. Here we show the application of hybrid GIS-based LSM. The hybrid approach embraces fuzzy membership functions (FMFs) in combination with Shannon entropy, a well-known information theory-based method. Nine landslide-related...
متن کاملPerformance Evaluation of the Nano OS Kernel based on System State-Monitor for Ubiquitous Sensor Network
Not only the MCU stopping and the auto-reset problems but also the dead end transition problems in the Nano OS kernel of the sensor modules are analyzed in this paper. In order to avoid and control these problems, the stack-safe Nano OS kernel suitable for USN and the system state-monitor mechanism in the Nano OS are suggested, and the performance is evaluated by a number of experimentation. Th...
متن کامل