Implementation of a discretionary access control model for script-based systems
Authors

Trent Jaeger and Atul Prakash, Software Systems Research Laboratory, Department of Electrical Engineering and Computer Science, University of Michigan, Ann Arbor, MI 48109-2122. E-mails: [email protected]

Abstract

Powerful applications can be implemented using command scripts. A command script is a program written by one user, called the writer, and made available to another user, called the reader, who executes the script. For instance, command scripts could be used by Mosaic, the popular World-Wide Web browsing tool, to provide rich interfaces to services such as banking and shopping. However, the use of command scripts presents a serious security problem: a command script runs with the reader's access rights, so a writer can use a command script to gain unauthorized access to the reader's data and applications. Existing solutions to the problem either severely restrict the I/O capability of scripts, limiting the range of applications that can be supported, or permit all I/O to scripts, potentially compromising the security of the reader's data. We define a discretionary access control model that permits users to flexibly limit the access rights of the processes that execute a command script. We use this model in a prototype system that safely executes command scripts available from Mosaic.
Similar references

An automatic test case generator for evaluating implementation of access control policies

One of the main requirements for providing software security is the enforcement of access control policies, which aim to protect resources of the system against unauthorized accesses. Any error in the implementation of such policies may lead to undesirable outcomes. For testing the implementation of access control policies, it is preferred to use automated methods, which are faster and more relia...

Host Integrity Protection Through Usable Non-discretionary Access Control

Existing non-discretionary access control systems (such as Security Enhanced Linux) are difficult for ordinary users to use. We identify several principles for designing a usable access control system and introduce the Host Integrity Protection Policy (HIPP) model, which adds usable non-discretionary access control to operating systems. The HIPP model is designed to defend against attacks targeting ...

Discretionary and Mandatory Controls for Role-Based Administration

Role-based access control is an important way of limiting the access users have to computing resources. While the basic concepts of role-based access control are now well understood, there is no consensus on the best approach to managing role-based systems. In this paper, we introduce a new model for role-based administration, using the notions of discretionary and mandatory controls. Our model...

A Large-scale System Authorization Scheme Proposal Integrating Java, CORBA and Web Security Models and a Discretionary Prototype

This paper presents an authorization scheme for large-scale networks that involves the programming models and tools represented by the Web, Java and CORBA. The authorization scheme is based on structures and concepts introduced in the Web, Java and CORBA for security. A discretionary prototype is presented here, and the solutions adopted in a concrete scheme are discussed. This scheme was develope...

Functionality-based Application Confinement - Parameterised Hierarchical Application Restrictions

Traditional user-oriented access control models such as Mandatory Access Control (MAC) and Discretionary Access Control (DAC) cannot differentiate between processes acting on behalf of users and those behaving maliciously. Consequently, these models are limited in their ability to protect users from the threats posed by vulnerabilities and malicious software, as all code executes with full acces...