Skip to main content
SpringerLink
Log in
Book cover

International Workshop on Information Security Applications

WISA 2007: Information Security Applications pp 91–101Cite as

Implementation of LSM-Based RBAC Module for Embedded System

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 4867))

Abstract

Security requirements of the embedded system which were not considered when the embedded system is independently deployed are being increased because the embedded system is connected to an internet. Accordingly, the coverage of the system security is being expanded from the general server to the embedded system. And it is not enough that the embedded system supports only its inherent functions and it becomes the essential element to provide the security function to the embedded system. This paper implements the Role Based Access Control(RBAC) module which is designed using the Linux Security Module(LSM) for the embedded system. RBAC allows security management to be administrated easily and LSM is a lightweight, general purpose, access control framework for mainstream Linux kernel that enables many different access control models. The combination of RABC and LSM properties is very suitable for one of security solutions of embedded system because of the simplicity and flexibility of RBAC and a lightweight loadable mechanism of LSM. And we show the performance of our implementation that has very small overhead for the intended processing and is acceptable.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. F-Secure Mobile Anti-virus, http://mobile.f-secure.com/

  2. Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-based Access Control models. IEEE Computer 29(2), 38–47 (1996)

    Article  Google Scholar 

  3. Ferraiolo, D., Cugini, J., Kuhn, D.R.: Role-based Access Control: Features and motivations. In: Annual Computer Security Applications Conference, IEEE Computer Society Press, Los Alamitos (1995)

    Google Scholar 

  4. Wright, C., Cowan, C., Smalley, S., Morris, J., Kroah-Hartman, G.: Linux Security Modules: General Security Support for the Linux Kernel. In: Proceedings of the 11th USENIX Security Symposium, pp. 17–31 (2002)

    Google Scholar 

  5. Trumper, W.: Summary about POSIX.1e (1999), http://wt.xpilot.org/publications/posix.1e

  6. Spencer, R., Smalley, S., Loscocco, P., Hibler, M., Andersen, D., Lepreau, J.: The Flask Security Architecture: System Support for Diverse Security Policies. In: Proceedings of the Eighth USENIX Security Symposium, pp. 123–139 (1999)

    Google Scholar 

  7. Hallyn, S., Kearns, P.: Domain and Type Enforcement for Linux. In: Proceedings of the 4th Annual Linux Showcase and Conference (2000)

    Google Scholar 

  8. American National Standard for Information Technology – Role Based Access Control. ANSI/INCITS 359-2004 (2004)

    Google Scholar 

  9. Role Based Access Control Implementation Standard Version 0.1. draft-rbac-implementation-std-v01 (2006), http://csrc.nist.gov/rbac

  10. McVoy, L.W., Staelin, C.: lmbench: Portable Tools for Performance Analysis. In: USENIX Annual Technical Conference (1996), http://www.bitmover.com/lmbench/

Download references

Author information

Authors and Affiliations

  1. Electronics and Telecommunications Research Institute (ETRI), 161 Gajung-dong, Yuseong-gu, Daejeon, 305-700, Korea

    Jae-Deok Lim, Sung-Kyong Un & Jeong-Nyeo Kim

  2. Computer Science & Engineering, Chungnam National University, 220 Gung-dong, Yuseong-gu, Daejeon, 305-764, Korea

    ChoelHoon Lee

Authors
  1. Jae-Deok Lim
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Sung-Kyong Un
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jeong-Nyeo Kim
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. ChoelHoon Lee
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Industrial Engineering, KAIST, 373-1, Guseong-dong, Yuseong-gu, 305-701, Daejeon, Korea

    Sehun Kim

  2. RSA Labs, EMC Corp. and Department of Computer Science, Columbia University,, USA

    Moti Yung

  3. Div. Computer Information of Software, Hanshin University, 411, Yangsan-dong, 447-791, Osan, Gyunggi, South Korea

    Hyung-Woo Lee

Rights and permissions

Reprints and permissions

Copyright information

© 2007 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Lim, JD., Un, SK., Kim, JN., Lee, C. (2007). Implementation of LSM-Based RBAC Module for Embedded System. In: Kim, S., Yung, M., Lee, HW. (eds) Information Security Applications. WISA 2007. Lecture Notes in Computer Science, vol 4867. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-77535-5_7

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-77535-5_7

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-77534-8

  • Online ISBN: 978-3-540-77535-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation