Skip to main content
SpringerLink
Log in

Implementation and performance analysis of multilevel security system in pervasive computing environment

  • Published:
The Journal of Supercomputing Aims and scope Submit manuscript

Abstract

This paper presents the design and implementation features of Centralized Pervasive Computing Environment/Multilevel Security (CPCE/MLS), a multilevel security (MLS) system in pervasive computing environment deployed in Local area network (LAN) with a Mandatory Access Control (MAC) mechanism. By introducing the server-storage terminals and implementing the multilevel security access control mechanism based on the Bell–LaPadula model, process creation supervision, and an auditing mechanism, the CPCE/MLS system is able to provide the security guarantee of the whole computing environment. As such, each terminal is controlled under an integrated security policy. The performance test results show that the CPCE/MLS system, without optimization, generates great overhead but achieves significantly better performance after the cache mechanism is added in the monitor agent and in the hook driver. The system with the hook driver cache mechanism is able to achieve the 95.9% throughput of the native system with 8 K and 16 K requested data blocksize.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Similar content being viewed by others

References

  1. Ahmad I, Anderson JM, Holler AM, Kambo R, Makhija V (2003) An analysis of disk performance in VMware ESX server virtual machines. In: Proceedings of annual workshop on workload characterization, Texas

    Google Scholar 

  2. Ambient Devices Inc (2009) Ambient devices: products. Available at http://www.ambientdevices.com/

  3. Anderson JP (1972) Computer security technology planning study. Tech Rep ESD-TR-73-51 Vol II, HQ Electronic Systems Division (AFSC)

  4. Bell DE, LaPadula LJ (1976) Secure computer system: unified exposition and Multics interpretation. MITRE report MTR 2997

  5. Boukerche A, Ren Y (2008) A trust-based security system for ubiquitous and pervasive computing environments. Comput Commun 31(18):4343–4351

    Article  Google Scholar 

  6. Campbell R, Al-Muhtadi J, Naldurg P, Sampemane G, Mickunas MD (2002) Towards security and privacy for pervasive computing. In: Proceedings of the 2002 Mext-NSF-JSPS international conference on software security: theories and systems

    Google Scholar 

  7. Computer Security Institute (2008) 2008 CSI computer crime and security survey. Available at http://i.cmpnet.com/v2.gocsi.com/pdf/CSISurvey2008.pdf

  8. Creese S, Goldsmith M, Roscoe B, Zakiuddin I (2004) Security in pervasive computing 2003. Lect Notes Comput Sci 2802:116–129

    Article  Google Scholar 

  9. FlinkII CW, Weiss JD (1988) System V/MLS labeling and mandatory policy alternatives. AT&T Tech J 67(3):53–64

    Article  Google Scholar 

  10. Gligor VD, Burch EL, Chandersekaran CS (1987) On the design and the implementation of secure Xenix workstation. In: Proceedings of IEEE symposium on security and privacy, California, pp 102–117

    Google Scholar 

  11. Kagal L, Undercoffer J, Perich F, Joshi A, Finin T (2005) A security architecture based on trust management for pervasive computing systems. Tech Rep, Defense Advanced Research Projects Agency

  12. Landwehr CE, Heitmeyer CL, McLean J (1984) A security model for military message systems. ACM Trans Comput Syst 9(3):198–222

    Article  Google Scholar 

  13. Loscocco P, Smalley S (2001) Integrating flexible support for security policies into the Linux operating system. In: Proceedings of FREENIX track: USENIX annual technical conference, Massachusetts, pp 29–42

    Google Scholar 

  14. MIT Project Oxygen (2004) Oxygen project overview. Available at http://www.oxygen.lcs.mit.edu/Overview.html

  15. Russinovich ME, Solomon DA (2004) Microsoft Windows internals. In: Microsoft Windows Server 2003, Windows XP, and Windows 2000, 4th edn. Microsoft Press, Washington, pp 192–196

    Google Scholar 

  16. Satyanarayanan M (2001) Pervasive computing: vision and challenges. Pers Commun, 8(4):10–17

    Article  Google Scholar 

  17. Waldhart NA (1990) The army secure operating system. In: Proceedings of IEEE computer society symposium on research in security and privacy, California, pp 50–60

    Chapter  Google Scholar 

  18. Weiser M (1991) The computer for the twenty-first century. Sci Am 265(3):94–104

    Article  Google Scholar 

  19. Zhang YX, Peng YK, Zhou YZ, Fang CH (2003) Manageable multimedia network computer. Acta Electron Sin 31(12):2054–2058 (in Chinese)

    Google Scholar 

  20. Zhang YX, Zhou YZ (2006) Transparent computing: A new paradigm for pervasive computing. In: Proceedings of 3rd international conference on ubiquitous intelligence and computing, Wuhan, China, pp 1–11

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science and Technology, Tsinghua University, Beijing, 100084, China

    Zhiyong Tan, Duo Liu, Xuejun Zhuo & Yiqi Dai

  2. Department of Computer Science, St Francis Xavier University, Antigonish, NS, B2G 2W5, Canada

    Laurence T. Yang

Authors
  1. Zhiyong Tan
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Duo Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Xuejun Zhuo
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Yiqi Dai
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Laurence T. Yang
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Zhiyong Tan.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Tan, Z., Liu, D., Zhuo, X. et al. Implementation and performance analysis of multilevel security system in pervasive computing environment. J Supercomput 66, 1243–1259 (2013). https://doi.org/10.1007/s11227-011-0732-z

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11227-011-0732-z

Keywords

Search

Navigation