Abstract
We present an integrated system of two Windows workstations; while the first workstation is prepared to process secret information, the second is for non-secret which may contain computer virus, and the two workstations are integrated into a PC with secure OS, virtual machine and gateways. Since the two workstations are virtually separated at the physical level, the first workstation is not infected by virus, nor is secret leaked out to the Internet, even if the second is infected by unknown virus. Comparing previous work which realizes complete data isolation for intelligence community, user of the proposed system can import data securely from the second workstation to the first through security guaranteed channel between the two workstations. The user can also read e-mail from the Internet on the first without fear of virus infection, and as a result the user does not need to be aware that she/he uses the two workstations.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Gordon, L.A., Loeb, M.P., Lucyshyn, W., Richardson, R.: 2006 CSI/FBI Computer Crime and Security Survey: Computer Security Institute (2006)
Symantec Reports Rise in Data Theft, Data Leakage, and Targeted Attacks Leading to Hackers’ Financial Gain: News Release (19th March 2007), http://www.symantec.com/about/news/release/article.jsp?prid=20070319_01
McAfee, Inc. Releases New Research Suggesting Data Loss Will Lead To Next Major Corporate Collapse: Press Release (24th April 2007), http://www.symantec.com/about/news/release/article.jsp?prid=20070319_01
Frantzen, S.: Targeted attack: Experience from the trenches: The SANS Institute (May 21, 2006) http://isc.sans.org/diary.html?storyid=1345
Argus Systems Group, Inc.: PitBull.comPack, OS-level Security for Solaris and AIX: White Paper (March 2001), http://www.argus-systems.com/public/docs/pitbull.whitepaper.oss.pdf
Loscocco, P.A., Smalley, S.D.: Meeting Critical Security Objectives with Security-Enhanced Linux. In: Proceedings of the 2001 Ottawa Linux Symposium (2001), http://www.nsa.gov/selinux/papers/ottawa01.pdf
Trusted Computer System Evaluation Criteria; Department of Defense Standard 5200.28-STD (August 1983)
Christodorescu, M., Jha, S., Seshia, S., Song, D., Bryant, R.E.: Semantics-Aware Malware Detection. In: IEEE Symposium on Security and Privacy (2005)
HP NetTop: A Technical Overview (December 2004)
Meushaw, R., Simard, D.: Nettop, Commercial Technology in High Assurance Applications: NSA Tech Trend Notes (Fall 2000), http://www.vmware.com/pdf/TechTrendNotes.pdf
Crystal Dew World, http://crystalmark.info/?lang=en
Trusted Computing Group, TCG Specification Architecture Overview, Specification Revision 1.4 (August 2, 2007)
Griffin, J.L., Jaeger, T., Perez, R., Sailer, R., van Doorn, L., Caceres, R.: Trusted Virtual Domains: Toward Secure Distributed Services. In: The First Workshop on Hot Topics in System Dependability (June 30, 2005)
Inoue, H., Ikeno, A., Kondo, M., Sakai, J., Edahiro, M.: VIRTUS: A new processor virtualization architecture for security-oriented next-generation mobile terminals. In: Proceedings of the 43rd annual conference on Design automation, pp. 484–489 (2006)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Sameshima, Y., Saisho, H., Matsumoto, T., Komoda, N. (2007). Windows Vault: Prevention of Virus Infection and Secret Leakage with Secure OS and Virtual Machine. In: Kim, S., Yung, M., Lee, HW. (eds) Information Security Applications. WISA 2007. Lecture Notes in Computer Science, vol 4867. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-77535-5_10
Download citation
DOI: https://doi.org/10.1007/978-3-540-77535-5_10
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-77534-8
Online ISBN: 978-3-540-77535-5
eBook Packages: Computer ScienceComputer Science (R0)