Enforcing the Principle of Least Privilege with a State-Based Privilege Control Model

  • Conference paper
Information Security Practice and Experience (ISPEC 2005)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 3439)

Abstract

To provide effective support for the principle of least privilege, and considering the limitations of traditional privilege mechanisms, this paper proposes a new privilege control model called State-Based Privilege Control (SBPC) and presents the design and implementation of a prototype system for SBPC, called Controlled Privilege Framework (CPF), on the Linux operating system platform. SBPC decomposes the time space of a process's lifetime into a series of privilege states according to the activities of the process and its need for special permissions. The privilege state is closely related to the application logic of a process. A privilege state transfer event is what causes a process to move from one privilege state into another. For a specified process, there is a specific set of privileges corresponding to every privilege state of the process. With the implementation of CPF, experimental results show that fine-grained and automatic privilege control can be exercised transparently to traditional applications, threats of intrusion to a system can be reduced greatly, and support for the principle of least privilege can therefore be achieved effectively.
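The model described in the abstract can be sketched as a small state machine. This is an added illustration, not code from the paper or from CPF: the state names, event names and policy layout are assumptions, and only the Linux capability names are real.

```python
# Added illustration of the SBPC idea; state, event and policy names are
# assumptions, not CPF's actual policy format or kernel interface.
from dataclasses import dataclass, field

# Per-state privilege sets for one hypothetical network daemon (constructed).
STATE_PRIVS = {
    "startup": frozenset({"CAP_NET_BIND_SERVICE"}),
    "login":   frozenset({"CAP_SETUID", "CAP_SETGID"}),
    "serving": frozenset(),
}
# (current state, transfer event) -> next state. Anything else is ignored.
TRANSFERS = {
    ("startup", "listen_done"): "login",
    ("login", "auth_ok"): "serving",
}

@dataclass
class Process:
    state: str = "startup"
    audit: list = field(default_factory=list)

    def on_event(self, event):
        """Apply a privilege state transfer event; unknown events change nothing."""
        nxt = TRANSFERS.get((self.state, event))
        if nxt is None:
            self.audit.append(("ignored_event", self.state, event))
            return False
        self.audit.append(("transfer", self.state, nxt))
        self.state = nxt
        return True

    def check(self, cap):
        """Mediate a privileged operation against the current state's set."""
        allowed = cap in STATE_PRIVS[self.state]
        if not allowed:
            self.audit.append(("denied", self.state, cap))
        return allowed

def run_demo():
    p = Process()
    results = [p.check("CAP_NET_BIND_SERVICE")]      # startup: allowed
    p.on_event("listen_done")
    results.append(p.check("CAP_NET_BIND_SERVICE"))  # login: denied
    results.append(p.check("CAP_SETUID"))            # login: allowed
    p.on_event("auth_ok")
    results.append(p.check("CAP_SETUID"))            # serving: denied
    results.append(p.on_event("listen_done"))        # no path back to a privileged state
    return results, p.state, p.audit
```

The transfer table has no edge leading back out of `serving`, so code running in the long-lived request-handling state holds an empty privilege set, and every denied check leaves an audit record.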

Supported by the National Natural Science Foundation of China under Grant No.60373054 and No.60073022; the National 863 High-tech Program of China under Grant No.2002AA141080; the Science and Technology Program of Haidian District under Grant No.K20044803.

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Liang, B., Liu, H., Shi, W., Wu, Y. (2005). Enforcing the Principle of Least Privilege with a State-Based Privilege Control Model. In: Deng, R.H., Bao, F., Pang, H., Zhou, J. (eds) Information Security Practice and Experience. ISPEC 2005. Lecture Notes in Computer Science, vol 3439. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-31979-5_10

  • DOI: https://doi.org/10.1007/978-3-540-31979-5_10

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-25584-0

  • Online ISBN: 978-3-540-31979-5

  • eBook Packages: Computer Science, Computer Science (R0)