PinUP: Pinning user files to known applications

Proceedings - Annual Computer Security Applications Conference, ACSAC

Volumn , Issue , 2008, Pages 55-64

  Enck, William ^a   McDaniel, Patrick ^a   Jaeger, Trent ^a  

^a PENNSYLVANIA STATE UNIVERSITY   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

EMAIL CLIENTS; LINUX SECURITY MODULES; MALCODE; OFFICE APPLICATIONS; PRACTICAL USE; PROTECTION MECHANISMS; SYSTEM PROTECTIONS; USER DATUM; WORK-FLOWS;

SECURITY OF DATA; SECURITY SYSTEMS;

COMPUTER APPLICATIONS;

EID: 60649099375     PISSN: 10639527     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/ACSAC.2008.41     Document Type: Conference Paper

References (31)

1. A. Acharya and M. Raje. MAPbox: Using parameterized behavior classes to confine untrusted applications. In Proceedings of the 9th USENIX Security Symposium, Aug. 2000.
2. J. P. Anderson. Computer security technology planning study. ESDTR-73-51, Air Force Electronic Systems Division, Hanscom AFB, Bedford, MA, 1972. (Also available as Vol. I, DITCAD-758206. Vol. II DITCAD-772806).
3. L. Badger, D. Sterne, D. Sherman, K. Walker, and S. Haghighat. A domain and type enforcement UNIX prototype. In Proceedings of USENIX Security Symposium, 1995.
4. D. E. Bell and L. J. LaPadula. Secure Computer Systems: Mathematical Foundations. Technical Report MTR-2547, Vol. 1, MITRE Corp., Bedford, MA, 1973.
5. A. Berman, V. Bourassa, and E. Selberg. TRON: Process-specific file protection for the UNIX operating system. In Proceedings of USENIX Technical Conference, 1995.
6. C. Cowan, S. Beattie, G. Kroah-Hartman, C. Pu, P. Wagle, and V. Gligor. SubDomain: Parsimonious server security. In USENIX conference on System administration, 2000.
7. A. DeWitt and J. Kuljis. Aligning usability and security: A usability study of polaris. In Proceedings of the Symposium On Usable Privacy and Security, July 2006.
8. W. Enck, S. Rueda, Y. Sreenivasan, J. Schiffman, L. S. Clair, T. Jaeger, and P. McDaniel. Protecting users from "themselves". In Proceedings of ACM CSAW, 2007.
9. G. Fernandez and L. Allen. Extending the Unix protection model with access control lists. In Proceedings of the 1988 USENIX Summer Symposium, pages 119-132, 1988.
10. D. Ferraiolo, J. Cugini, and D. R. Kuhn. Role-based access control (RBAC): Features and motivations. In Proceedings of Annual Computer Security Application Conference, 1995.
11. D. Ferraiolo and R. Kuhn. Role-based access control. In Proceedings of National Computer Security Conference, 1992.
12. C. Friberg and A. Held. Support for discretionary role based access control in ACL-oriented operating systems. In ACM workshop on Role-based access control, 1997.
13. I. Goldberg, D. Wagner, R. Thomas, and E. Brewer. A secure environment for untrusted helper applicationos: Confining the wily hacker. In USENIX Security Symposium, 1996.
14. S. Ioannidis, S. Bellovin, and J. Smith. Sub-operating systems: A new approach to application security. In Proceedings of ACM SIGOPS European workshop, 2002.
15. T. Jaeger, A. Rubin, and A. Prakash. Building systems that flexibly control downloaded executable content. In Proceedings of USENIX UNIX Security Symposium, July 1996.
16. C. Ko, G. Fink, and K. Levitt. Automated detection of vulnerabilities in privileged programs by execution monitoring. In Proceedings of ACSAC, 1994.
17. N. Lai and T. Gray. Strengthening discresionary access controls to inhibit trojan horses and computer viruses. In Proceedings of USENIX Summer Symposium, 1988.
18. Linux intrusion detection system (LIDS). http://www.lids.org, accessed January 2007.
19. National Security Agency. Security-enhanced Linux (SELinux). http://www.nsa.gov/selinux.
20. Novell. AppArmor application security for linux. http://www.novell.com/ linux/security/apparmor/.
21. N. Provos. Improving host security with system call policies. In Proceedings of USENIX Security Symposium, 2003.
22. R. Sailer, X. Zhang, T. Jaeger, and L. van Doorn. Design and implementation of a TCG-based integrity measurement architecture. In USENIX Security Symposium, 2004.
23. V. Samar. Unified login with pluggable authentication modules (PAM). In Proceedings of ACM CCS, 1996.
24. M. Schmid, F. Hill, and A. Gosh. Protecting data from malicious software. In Proceedings of ACSAC, 2002.
25. M. Seaborn. Plash. http://plash.beasts.org.
26. P. Snowberger and D. Thain. Sub-identities: Towards operating system support for distributed system security. Technical Report 2005-18, University of Notre Dame, Department of Computer Science and Engineering, Oct. 2005.
27. R. Spencer, S. Smalley, P. Loscocco, M. Hibler, D. Andersen, and J. Lepreau. The flask security architecture: System support for diverse security policies. In Proceedings of USENIX Security Symposium, Aug. 1999.
28. M. Stiegler, A. Karp, K.-P. Yee, and M. Miller. Polaris: Virus safe computing for windows xp. Technical Report HPL-2004-221, HP Laboratories Palo Alto, Dec. 2004.
29. Trusted Computing Group. TCG specification architecture overview: Revision 1.2. http://www.trustedcomputinggroup.org, Apr. 2004.
30. D. Wichers, D. Cook, R. Olsson, J. Crossley, P. Kerchen, K. Levitt, and R. Lo. PACL's: An access control list approach to anti-viral security. In Proceedings of the 13th National Computer Security Conference, 1990.
31. C. Wright, C. Cowan, J. Morris, S. Smalley, and G. Kroah-Hartman. Linux security modules: General security support for the Linux kernel. In USENIX Security Symposium, 2002.