An Approach for Secure Software Installation

نویسندگان

  • V. N. Venkatakrishnan
  • R. Sekar
  • T. Kamat
  • S. Tsipa
  • Zhenkai Liang
چکیده

We present an approach that addresses the problem of securing software configurations from the security-relevant actions of poorly built/faulty installation packages. Our approach is based on a policy-based control of the package manager’s actions and is customizable for site-specific policies. We discuss an implementation of this approach in the context of the Linux operating system for the Red Hat Package manager (RPM).

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Mapping of McGraw Cycle to RUP Methodology for Secure Software Developing

Designing a secure software is one of the major phases in developing a robust software. The McGraw life cycle, as one of the well-known software security development approaches, implements different touch points as a collection of software security practices. Each touch point includes explicit instructions for applying security in terms of design, coding, measurement, and maintenance of softwar...

متن کامل

An Approach for Secure Software

We present an approach that addresses the problem of securing software configurations from the security-relevant actions of poorly built/faulty installation packages. Our approach is based on a policy-based control of the package manager’s actions and is customizable for site-specific policies. We discuss an implementation of this approach in the context of the Linux operating system for the Re...

متن کامل

Secure Software Delivery and Installation in Embedded Systems

Increasingly, software (SW) in embedded systems can be updated due to the rising share of flashable electronic control units (ECUs). However, current SW installation procedures are insecure: An adversary can install SW in a given ECU without any sender authentication or compatibility assessment. In addition, SW is installed on an all-or-nothing basis: With the installation, the user acquires fu...

متن کامل

Towards automated software component configuration and deployment

Software deployment is a complex process that covers post development activities as configuring, releasing, installing, updating, adapting until uninstalling a software application. The existing tools do not cover all this process and they are ad hoc. This paper presents and describes some ideas to create a deployment environment. The aim of this environment is to ensure a coherent and secure i...

متن کامل

Secure Code Updates for Mesh Networked Commodity Low-End Embedded Devices

Mesh networked low-end embedded devices are increasingly used in various scenarios, including industrial control, wireless sensing, robot swarm communication, or building automation. Recently, more and more software vulnerabilities in embedded systems are disclosed, as they become appealing targets for cyber attacks. In order to patch these systems, an efficient and secure code update mechanism...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2002