Subprime oil: Deflation of the

Access Control in Operating Systems


Cover imageAccess control mechanisms (ACMs) have been widely used by operating systems (OSes) to protect information security. However, it is often challenging to evaluate and compare the quality of protection (QoP) of ACMs, especially when they are deployed on different OS platforms. This article presents an approach to quantitatively measure and compare the quality of ACMs, which provides useful information to support OS administrators and users to choose ACMs that fit with their security needs.

We introduce the notion of vulnerability profiles to capture the weakness of ACMs in protecting against malicious attacks, based on which vulnerability coefficients are computed as the numeric and platform-independent measurement of the QoP of ACMs. The approach combines the grey system theory and an independent vulnerability scoring system to infer complete vulnerability profiles and to calculate fair and objective vulnerability coefficients for ACMs. We implement a prototype called ACVAL based on the approach, and apply it to four mainstream ACMs. The results show that ACVAL is effective in evaluating and comparing ACMs across different OSes, a feature particularly useful to administrators of heterogeneous IT systems. To the best of our knowledge, our approach is the first to quantitative measurement and comparison of ACMs across OSes.

Keywords

  • Security measurement;
  • Vulnerability profile;
  • Attack surface;
  • Access control;
  • Operating system;
  • Logic programming

Copyright © 2014 Elsevier Ltd. All rights reserved.

Dr. Liang Cheng received his PhD in Information Security at the University of Science and Technology of China in 2009. His PhD focused on the verification of access control in secure operating systems. He contributed to several NFSC programs for verification of access control policies and the evaluation of their quality of protection. He is now Associate Professor at the Institute of Software, Chinese Academy of Sciences. Since 2010, he has been working on flaw detection and assessment of access control configurations and program codes in IT systems.



Share this article





Related Posts



Latest Posts
Distributed control system in power plants
Distributed control…
Conditions in today’s power generation…
Access Control Systems Nashville
Access Control…
The teams at ACT Security are true specialists…
Different types of Access Control Systems
Different types…
Example of an access control system :…
Access Control Security Systems PDF
Access Control…
Collusive tendering in relation to the…
What is closed loop and open loop?
What is closed…
All existing pumped storage projects…
Search
Featured posts
  • Access control Management System
  • Access Control door Entry Systems
  • Access Control Security Systems
  • Access Control Systems
  • Access Control Security Systems PDF
  • S2 Access Control Systems
  • Access Control System Diagram
  • Access Control Systems Nashville
  • Access Control Systems London
Copyright © 2019 l www.oliver-control.com. All rights reserved.