Accountable administration and implementation in operating systems

GLOBECOM - IEEE Global Telecommunications Conference

Volumn , Issue , 2011, Pages

  Zeng, Lei ^a   Chen, Hui ^b   Xiao, Yang ^a  

^a University of Alabama   (United States)

^b VIRGINIA STATE UNIVERSITY   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

SECURITY MODEL; SYSTEM ADMINISTRATORS;

COMMUNICATION;

COMPUTER OPERATING SYSTEMS;

EID: 84863166638     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/GLOCOM.2011.6134107     Document Type: Conference Paper

References (29)

1. K. Kent and M. Souppaya, "Guide to Computer Security Log Management: Recommendations of the National Institute of Standards and Technology," NIST Special Publication 800-92, September 2006.
2. J. Mirkovic and P. Reiher, "Building Accountability into the Future Internet," Proceedings of the IEEE ICNP Workshop on Secure Network Protocols (NPSec), 2008.
3. Y. Xiao, "Accountability for Wireless LANs, Ad Hoc Networks, and Wireless Mesh Networks," IEEE Communications Magazine, Vol. 46, No. 4, Apr. 2008, pp. 116-126. 10.1109/MCOM.2008.4481350 (Pubitemid 351593417)
4. W. Stallings and L. Brown, Computer Security: Principles and Practice, Pearson Prentice Hall, Upper Saddle River, New Jersey 07458, U. S. A., 2008
5. Rebecca T. Mercuri, "On auditing audit trails," Communications of the ACM, vol. 46, no. 1, pp. 17-20, January, 2003
6. Abraham Silberschatz, Peter B. Galvin, and Greg Gagne, Operating System Concepts, 8th Edition, Wiley, July 28, 2008
7. SUSE Linux AG, "Linux Audit-Subsystem Design Documentation for Kernel 2.6, Version 0.1," SUSE Linux AG and Novell, Inc, 2004, see: http://www.uniforum.chi.il.us/slides/HardeningLinux/LAuS-Design.pdf, September 28, 2007.
8. P. Kamp, "Jails: Confining the omnipotent root," 2nd International System Administration and Network Engineering (SANE) Conference May 22-25, 2000 MECC, Maastricht, The Netherlands.
9. N. Itoi, W. A. Arbaugh, S. J. Pollack, and D. M. Reeves, "Personal Secure Booting," Lecture Notes in Computer Science, Volume 2119/2001, pp. 130-144, 2001.
10. A. Sadeghi and C. Stüble, "Property-based attestation for computing platforms: caring about properties, not mechanisms," Proceedings of the 2004 workshop on New security paradigms, pp. 66-67, 2004.
11. US Department of Defense, "Department of Defense Trusted Computer System Evaluation Criteria," DoD 5200.28-STD, Library No. S225,711, December 1985.
12. NIST ITL, "Common Criteria: Launching the International Standard," NIST ITL Security Bulletin, National Institute of Standard and Technology, Information Technology Laboratory, November 1998, Available: http://csrc.nist.gov/publications/nistbul/11-98.pdf
13. The International Organization for Standardization, "Common Criteria for Information Technology Security Evaluation (CC)," Version 3.1, September 2006, Available: http://www.commoncriteriaportal.org/public/consumer/ index.php?menu=2.
14. Microsoft, "The Threats and Countermeasures Guide," October 10, 2007, Available: http://www.microsoft.com/technet/security/guidance/ serversecurity/tcg/tcgch00.mspx
15. Microsoft, "The Audit Management in Windows 2000," October 10, 2007, Available: http://www.microsoft.com/technet/security/prodtech/windows2000/ w2kccadm/auditman/w2kadm22.mspx
16. Microsoft, "The Audit Collection Services," October 10, 2007, Available: http://technet.microsoft.com/enus/library/bb381258.aspx
17. Redhat, Inc, "Linux Audit Discussion," September 28, 2007 Available: http://www.redhat.com/mailman/listinfo/linux-audit
18. Sun Microsystems, Inc, "SunSHIELD Basic Security Module Guide," Sun Microsystems, Inc, Mountain View, CA 94303, USA, 2000, Available: http://dlc.sun.com/pdf/806-1789/806-1789.pdf
19. Z. Baird and J. Barksdale, "Implementing a Trusted Information Sharing Environment: Using Immutable Audit Logs to Increase Security, Trust, and Accountability," A Project of Markle Foundation, New York City, February, 2006.
20. M. Bellare and B. Yee, "Forward Integrity for Secure Audit Logs," Technical Report, Department of Computer Science and Engineering, University of California at San Diego, November, 1997.
21. W. Itani, A. Kayssi, A. Chehab, and C. Gaspard, "A Policy-Driven Contact-Based Security Protocol for Protecting Audit Logs on Wireless Devices," International Journal of Network Security, Vol. 3, No. 2, pp.124-135, September 2006.
22. B. Schneier and J. Kelsey, "Remote Auditing of Software Outputs Using a Trusted Coprocessor," Future Generation Computer Systems, Vol. 13, No. 1, pp.9-18, July 1997. (Pubitemid 127382569)
23. B. Schneier and J. Kelsey, "Secure Audit Logs to Support Computer Forensics," ACM Transactions on Information and System Security, Vol. 2, No. 2, pp.59-196, May 1999.
24. B. Schnerer and J. Kelsey, "Cryptographic Support for Secure Logs on Untrusted Machines," Proceedings of the 7th USENIX Security Symposium, pp.53-62, Berkeley, CA, January 1998.
25. Z. Wang, X. Jiang, W. Cui and P. Ning, "Countering Kernel Rootkits with Lightweight Hook Protection," Proc. of the 16th ACM Conference on Computer and Communications Security (CCS'09), pp. 545-554, 2009
26. J. Levine, J.Grizzard, and H. Owen, "A Methodology to Detect and Characterize Kernel Level Rootkit Exploits Involving Redirection of the System Call Table," Proc. of the 2nd IEEE International Information Assurance Workshop (IWIA'04), 2004
27. T. Garfinkel, "Traps and Pitfalls: Practical Problems in System Call Interposition-based Security Tools," Proc. of 2003 Network and Distributed Systems Security Symposium, 2003.
28. Y. Xiao, "Flow-Net Methodology for Accountability in Wireless Networks," IEEE Network, Vol. 23, No. 5, Sept./Oct. 2009, pp. 30-37.
29. Y. Xiao, K. Meng, and D. Takahashi, "Accountability using Flow-net: Design, Implementation, and Performance Evaluation," (Wiley Journal of) Security and Communication Networks, Special Issue on Security and Privacy in Emerging Information Technologies, accepted, DOI:10.1002/sec.348.