• Title/Summary/Keyword: E-BLP Model

Search Result 2, Processing Time 0.015 seconds

Implementation of the E-BLP Security Model for Trusted Embedded Systems (안전한 임베디드 시스템을 위한 E-BLP 보안 모델의 구현)

  • Kang Jungmin;Nam Taelliun;Jang Insook;Lee Jinseok
    • Journal of KIISE:Computer Systems and Theory
    • /
    • v.32 no.10
    • /
    • pp.512-519
    • /
    • 2005
  • E-BLP security model considers the reliability of the processes that are real subjects in systems. This paper deals with the implementation of the E-BLP model for secure embedded systems. Implemented EBSM(E-BLP Based Security Module) consists of three components: identification and authentication, access control and BRC(Dynamic Reliability Check) that checks the process behavior dynamically. Access Control of EBSM ensures unreliable processes not to access the sensitive objects and the DRC detects the buffer overflow attack by normal user. Besides, the performance overhead of the embedded system applying the EBSM is introduced.

E-BLP Security Model for Secure Linux System and Its Implementation (안전한 리눅스 시스템을 위한 E-BLP 보안 모델과 구현)

  • Kang, Jung-Min;Shin, Wook;Park, Chun-Gu;Lee, Dong-Ik
    • The KIPS Transactions:PartA
    • /
    • v.8A no.4
    • /
    • pp.391-398
    • /
    • 2001
  • To design and develop secure operating systems, the BLP (Bell-La Padula) model that represents the MLP (Multi-Level Policy) has been widely adopted. However, user\`s security level in the most developed systems based on the BLP model is inherited to a process that is actual subject on behalf of the user, regardless whatever the process behavior is. So, there could be information disclosure threat or modification threat by malicious or unreliable processes even though the user is authorized in the system. These problems can be solved by defining the subject as (user, process) ordered pair and by defining the process reliability. Moreover, when the leveled programs which exist as objects in a disk are executed by a process and have different level from the process level, the security level decision problem occurs. This paper presents an extended BLP (E-BLP) model in which process reliability is considered and solves the security level decision problem. And this model is implemented into the Linux kernel 2.4.7.

  • PDF