skip to main content
OSTI.GOV title logo U.S. Department of Energy
Office of Scientific and Technical Information

Title: Integrity Levels: A New Paradigm for Protecting Computing Systems

Technical Report ·
DOI:https://doi.org/10.2172/1490662· OSTI ID:1490662
 [1];  [1]
  1. Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)
+ Show Author Affiliations

As the field of determined and increasingly sophisticated adversaries multiplies, the risk to integrity of deployed computing devices magnifies. Given the ubiquitous connectivity, substantial storage, and accessibility, the increased reliance on computer platforms make them a significant target for attackers. Over the past decade, malware has transitioned from attacking a single program to subverting the operating system (OS) kernel by means of what is commonly known as a rootkit. While computer systems require patches to fix newly discovered vulnerabilities, undiscovered vulnerabilities remain Furthermore, typical solutions utilize mechanisms that operate within the OS. If the OS becomes compromised, these mechanisms may be vulnerable to being disabled or upon detection of the potential compromise, being "shut down" until patched or otherwise mitigated. We propose an innovative approach to designing computer systems that allows the behavior or functionality of the computer system to change based on the integrity of the system. Instead of attempting to prevent or detect all malware attacks, our proposed approach allows possible graceful degradation of functionality according to the security policy specification as anomalies of security concern are detected. We believe this innovative paradigm can determine the "integrity lever of the system. Based on the integrity level, the computer system may behave differently or limit access to data.

Research Organization:
Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)
Sponsoring Organization:
USDOE National Nuclear Security Administration (NNSA); USDOE Laboratory Directed Research and Development (LDRD) Program
DOE Contract Number:
AC04-94AL85000
OSTI ID:
1490662
Report Number(s):
SAND-2014-17697; 671280
Country of Publication:
United States
Language:
English

Similar Records

Autonomous System Inference, Trojan, and Adversarial Reprogramming Attack and Defense (Final)
Technical Report · Fri Sep 01 00:00:00 EDT 2023 · OSTI ID:1490662
A Privacy-Preserving Strategy for the Trust Layer of the Energy Grid of Things Distributed Energy Resource Management System
Other · Mon Jul 18 00:00:00 EDT 2022 · OSTI ID:1490662
Attack on Grid Event Cause Analysis: An Adversarial Machine Learning Approach
Conference · Sat Feb 01 00:00:00 EST 2020 · 2020 IEEE Power & Energy Society Innovative Smart Grid Technologies Conference (ISGT) · OSTI ID:1490662

Related Subjects

97 MATHEMATICS AND COMPUTING