Virginia Tech
    • Log in
    View Item 
    •   VTechWorks Home
    • University Libraries
    • Open Access Subvention Fund Articles
    • View Item
    •   VTechWorks Home
    • University Libraries
    • Open Access Subvention Fund Articles
    • View Item
    JavaScript is disabled for your browser. Some features of this site may not work without it.

    Process Authentication for High System Assurance

    Thumbnail
    View/Open
    YaoProcess.pdf (785.9Kb)
    Downloads: 928
    Date
    2013-07-11
    Author
    Almohri, Hussain M.J.
    Yao, Danfeng (Daphne)
    Kafura, Dennis
    Metadata
    Show full item record
    Abstract
    This paper points out the need in modern operating system kernels for a process authentication mechanism, where a process of a user-level application proves its identity to the kernel. Process authentication is different from process identification. Identification is a way to describe a principal; PIDs or process names are identifiers for processes in an OS environment. However, the information such as process names or executable paths that is conventionally used by OS to identify a process is not reliable. As a result, malware may impersonate other processes, thus violating system assurance. We propose a lightweight secure application authentication framework in which user-level applications are required to present proofs at runtime to be authenticated to the kernel. To demonstrate the application of process authentication, we develop a system call monitoring framework for preventing unauthorized use or access of system resources. It verifies the identity of processes before completing the requested system calls. We implement and evaluate a prototype of our monitoring architecture in Linux. The results from our extensive performance evaluation show that our prototype incurs reasonably low overhead, indicating the feasibility of our approach for cryptographically authenticating applications and their processes in the operating system.
    URI
    http://hdl.handle.net/10919/75198
    Collections
    • Destination Area: Integrated Security (IS) [106]
    • Open Access Subvention Fund Articles [641]
    • Scholarly Works, Department of Computer Science [295]

    If you believe that any material in VTechWorks should be removed, please see our policy and procedure for Requesting that Material be Amended or Removed. All takedown requests will be promptly acknowledged and investigated.

    Virginia Tech | University Libraries | Contact Us
     

     

    VTechWorks

    AboutPoliciesHelp

    Browse

    All of VTechWorksCommunities & CollectionsBy Issue DateAuthorsTitlesSubjectsThis CollectionBy Issue DateAuthorsTitlesSubjects

    My Account

    Log inRegister

    Statistics

    View Usage Statistics

    If you believe that any material in VTechWorks should be removed, please see our policy and procedure for Requesting that Material be Amended or Removed. All takedown requests will be promptly acknowledged and investigated.

    Virginia Tech | University Libraries | Contact Us