Abstract
This paper presents the design and implementation features of Centralized Pervasive Computing Environment/Multilevel Security (CPCE/MLS), a multilevel security (MLS) system in pervasive computing environment deployed in Local area network (LAN) with a Mandatory Access Control (MAC) mechanism. By introducing the server-storage terminals and implementing the multilevel security access control mechanism based on the Bell–LaPadula model, process creation supervision, and an auditing mechanism, the CPCE/MLS system is able to provide the security guarantee of the whole computing environment. As such, each terminal is controlled under an integrated security policy. The performance test results show that the CPCE/MLS system, without optimization, generates great overhead but achieves significantly better performance after the cache mechanism is added in the monitor agent and in the hook driver. The system with the hook driver cache mechanism is able to achieve the 95.9% throughput of the native system with 8 K and 16 K requested data blocksize.
Similar content being viewed by others
References
Ahmad I, Anderson JM, Holler AM, Kambo R, Makhija V (2003) An analysis of disk performance in VMware ESX server virtual machines. In: Proceedings of annual workshop on workload characterization, Texas
Ambient Devices Inc (2009) Ambient devices: products. Available at http://www.ambientdevices.com/
Anderson JP (1972) Computer security technology planning study. Tech Rep ESD-TR-73-51 Vol II, HQ Electronic Systems Division (AFSC)
Bell DE, LaPadula LJ (1976) Secure computer system: unified exposition and Multics interpretation. MITRE report MTR 2997
Boukerche A, Ren Y (2008) A trust-based security system for ubiquitous and pervasive computing environments. Comput Commun 31(18):4343–4351
Campbell R, Al-Muhtadi J, Naldurg P, Sampemane G, Mickunas MD (2002) Towards security and privacy for pervasive computing. In: Proceedings of the 2002 Mext-NSF-JSPS international conference on software security: theories and systems
Computer Security Institute (2008) 2008 CSI computer crime and security survey. Available at http://i.cmpnet.com/v2.gocsi.com/pdf/CSISurvey2008.pdf
Creese S, Goldsmith M, Roscoe B, Zakiuddin I (2004) Security in pervasive computing 2003. Lect Notes Comput Sci 2802:116–129
FlinkII CW, Weiss JD (1988) System V/MLS labeling and mandatory policy alternatives. AT&T Tech J 67(3):53–64
Gligor VD, Burch EL, Chandersekaran CS (1987) On the design and the implementation of secure Xenix workstation. In: Proceedings of IEEE symposium on security and privacy, California, pp 102–117
Kagal L, Undercoffer J, Perich F, Joshi A, Finin T (2005) A security architecture based on trust management for pervasive computing systems. Tech Rep, Defense Advanced Research Projects Agency
Landwehr CE, Heitmeyer CL, McLean J (1984) A security model for military message systems. ACM Trans Comput Syst 9(3):198–222
Loscocco P, Smalley S (2001) Integrating flexible support for security policies into the Linux operating system. In: Proceedings of FREENIX track: USENIX annual technical conference, Massachusetts, pp 29–42
MIT Project Oxygen (2004) Oxygen project overview. Available at http://www.oxygen.lcs.mit.edu/Overview.html
Russinovich ME, Solomon DA (2004) Microsoft Windows internals. In: Microsoft Windows Server 2003, Windows XP, and Windows 2000, 4th edn. Microsoft Press, Washington, pp 192–196
Satyanarayanan M (2001) Pervasive computing: vision and challenges. Pers Commun, 8(4):10–17
Waldhart NA (1990) The army secure operating system. In: Proceedings of IEEE computer society symposium on research in security and privacy, California, pp 50–60
Weiser M (1991) The computer for the twenty-first century. Sci Am 265(3):94–104
Zhang YX, Peng YK, Zhou YZ, Fang CH (2003) Manageable multimedia network computer. Acta Electron Sin 31(12):2054–2058 (in Chinese)
Zhang YX, Zhou YZ (2006) Transparent computing: A new paradigm for pervasive computing. In: Proceedings of 3rd international conference on ubiquitous intelligence and computing, Wuhan, China, pp 1–11
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Tan, Z., Liu, D., Zhuo, X. et al. Implementation and performance analysis of multilevel security system in pervasive computing environment. J Supercomput 66, 1243–1259 (2013). https://doi.org/10.1007/s11227-011-0732-z
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11227-011-0732-z