Skip to main content
SpringerLink
Log in

An Illegal Indirect Access Prevention Method in Transparent Computing System

  • Conference paper
  • First Online:
Algorithms and Architectures for Parallel Processing (ICA3PP 2015)

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 9532))

  • 1752 Accesses

Abstract

Transparent computing is a novel network computing paradigm in which operating systems, applications, data, etc. are stored and managed on remote servers, and complex computing tasks are performed on local clients in real time. The unified and professional storage managements on servers make clients capable of owning an intrinsic advantage of storage security. However, due to runtime computing tasks of applications, protecting information flow security in end devices becomes important. In this paper, we propose a secure information flow model and design an information flow search algorithm based on Depth-first-search to prevent illegal access between files in transparent computing local environment. The main idea is to detect indirect access in information flow graph constructed with historic access records at first. Then compare the indirect access with previously designed white list to find out whether there are illegal behaviors. Intercepting access behavior is implemented by a special and secure file filter above file system at kernel level. Algorithm and security analysis show that our work can provide a secure information flow mechanism efficiently.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Zhang, Y.: Transparence computing: concept, architecture and example. Acta Electronica Sin. 32(12A), 169–173 (2004)

    Google Scholar 

  2. Zhang, Y., Zhou, Y.: Transparent computing: a new paradigm for pervasive computing. In: Ma, J., Jin, H., Yang, L.T., Tsai, J.J.-P. (eds.) UIC 2006. LNCS, vol. 4159, pp. 1–11. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  3. Lapadula, L., Lapadula, L.J., Bell, D.E.: Secure computer systems: a mathematical model. Technical report 2547 (1996)

    Google Scholar 

  4. Xue, H., Dai, Y.: A privacy protection model for transparent computing system. Int. J. Cloud Comput. 1(4), 367–384 (2012)

    Article  Google Scholar 

  5. Yang, Y., Ding, R., Min, Y.: Object-based access control model. Autom. Electr. Power Syst. 27(7), 36–40 (2003)

    Google Scholar 

  6. Deng, J.B., Hong, F.: Task-based access control model. J. Softw. 14(1), 76–82 (2003)

    MATH  Google Scholar 

  7. Ferraiolo, D., Kuhn, D.R., Chandramouli, R.: Role-based access control. Artech House (2003)

    Google Scholar 

  8. Li, F., Wang, W., Ma, J., Liang, X.: Action-based access control model and administration of actions. Acta Electronica Sin. 36(10), 1881–1890 (2008)

    Google Scholar 

  9. Denning, D.E.: A lattice model of secure information flow. Commun. ACM 19(5), 236–243 (1976)

    Article  MathSciNet  MATH  Google Scholar 

  10. Cheng, W., Ports, D.R., Schultz, D.A., Popic, V., Blankstein, A., Cowling, J.A., Curtis, D., Shrira, L., Liskov, B.: Abstractions for usable information flow control in aeolus. In: USENIX Annual Technical Conference, pp. 139–151 (2012)

    Google Scholar 

  11. Bichhawat, A., Rajani, V., Garg, D., Hammer, C.: Information flow control in WebKit’s javascript bytecode. In: Abadi, M., Kremer, S. (eds.) POST 2014 (ETAPS 2014). LNCS, vol. 8414, pp. 159–178. Springer, Heidelberg (2014)

    Chapter  Google Scholar 

  12. Hedin, D., Sabelfeld, A.: Information-flow security for a core of javascript. In: 25th IEEE Computer Security Foundations Symposium, pp. 3–18 (2012)

    Google Scholar 

  13. Hedin, D., Birgisson, A., Bello, L., Sabelfeld, A.: Jsflow: tracking information flow in javascript and its apis. In: Proceedings of the 29th Annual ACM Symposium on Applied Computing, pp. 1663–1671 (2014)

    Google Scholar 

  14. Dietz, M., Shekhar, S., Pisetsky, Y., Shu, A., Wallach, D.S.: Quire: lightweight provenance for smart phone operating systems. In: USENIX Security Symposium, p. 24 (2011)

    Google Scholar 

  15. Enck, W., Gilbert, P., Han, S., Tendulkar, V., Chun, B.G., Cox, L.P., Jung, J., McDaniel, P., Sheth, A.N.: Taintdroid: an information-flow tracking system for realtime privacy monitoring on smartphones. ACM Trans. Comput. Syst. 32(2), 5 (2014)

    Article  Google Scholar 

  16. Nakamura, S., Doulikun, D., Aikebaier, A., Enokido, T., Takizawa, M.: Role-based information flow control models. In: 28th IEEE International Conference on Advanced Information Networking and Applications, pp. 1140–1147 (2014)

    Google Scholar 

  17. Zhou, Y., Zhang, Y., Xie, Y., Zhang, H., Yang, L.T., Min, G.: Transcom: a virtual disk-based cloud computing platform for heterogeneous services. IEEE Trans. Netw. Serv. Manage. 11(1), 46–59 (2014)

    Article  Google Scholar 

  18. Chen, J., Jie, S., Zhang, X.: Implementation of virus prevention method based on file system filter driver. Comput. Technol. Dev. 23(3), 143–146 (2013)

    Google Scholar 

  19. Qiu, S., Tang, G., Wang, Y.: Research of file backup method based on double cache and minifilter driver. In: 2015 International Conference on Advances in Mechanical Engineering and Industrial Informatics. Atlantis Press (2015)

    Google Scholar 

  20. Chen, J., Ye, J.: Research on the file encryption system based on minifilter driver. In: Long, S., Dhillon, B.S. (eds.) Proceedings of the 13th International Conference on Man-Machine-Environment System Engineering. Lecture Notes in Electrical Engineering, pp. 175–182. Springer, Heidelberg (2014)

    Chapter  Google Scholar 

  21. Li, Z.: Research on the technology of dynamically access control based on file filter driver in windows system. Comput. Knowl. Technol. 8(9), 2045–2047 (2012)

    Google Scholar 

  22. Zhang, Y., Zhou, Y.: TransOS: a transparent computing-based operating system for the cloud. Int. J. Cloud Comput. 1(4), 287–301 (2012)

    Article  Google Scholar 

Download references

Acknowledgments

This work is supported in part by the Joint Project of Central South University and Tencent Corporation under Grant Number 2014002H029, the Hunan Provincial Innovation Foundation for Postgraduate under Grant Number CX2015B047, the Hunan Provincial Education Department of China under grant number 2015C0589, the International Science & Technology Cooperation Program of China under Grant Number 2013DFB10070, and the China Hunan Provincial Science & Technology Program under Grant Number 2012GK4106.

Author information

Authors and Affiliations

  1. School of Information Science and Engineering, Central South University, Changsha, 410083, China

    Wenjuan Tang, Yang Xu, Guojun Wang & Yaoxue Zhang

Authors
  1. Wenjuan Tang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yang Xu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Guojun Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Yaoxue Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Guojun Wang .

Editor information

Editors and Affiliations

  1. Central South University, Changsha, China

    Guojin Wang

  2. Sch of Information Technologies, Sydney University, Sydney, New South Wales, Australia

    Albert Zomaya

  3. Department of Information and Commu, University of Murcia, Murcia, Murcia, Spain

    Gregorio Martinez

  4. Changsha, China

    Kenli Li

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Tang, W., Xu, Y., Wang, G., Zhang, Y. (2015). An Illegal Indirect Access Prevention Method in Transparent Computing System. In: Wang, G., Zomaya, A., Martinez, G., Li, K. (eds) Algorithms and Architectures for Parallel Processing. ICA3PP 2015. Lecture Notes in Computer Science(), vol 9532. Springer, Cham. https://doi.org/10.1007/978-3-319-27161-3_23

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-27161-3_23

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-27160-6

  • Online ISBN: 978-3-319-27161-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation