DYNAMIC MANDATORY ACCESS CONTROL FOR MULTIPLE STAKEHOLDERS

Open Access
- Author:
- Rao, Vikhyath
- Graduate Program:
- Computer Science and Engineering
- Degree:
- Master of Science
- Document Type:
- Master Thesis
- Date of Defense:
- November 20, 2009
- Committee Members:
- Trent Ray Jaeger, Thesis Advisor/Co-Advisor
- Patrick Drew Mcdaniel, Thesis Advisor/Co-Advisor
- Keywords:
- mobile phones
- security
- access control
- multiple stakeholders
- Abstract:
- In this thesis, we present a mandatory access control system that uses input from multiple stakeholders to compose policies based on runtime information. In the emerging open cell phone system environment, many devices run software whose access permissions depend on multiple stakeholders, such as the device owner, the service provider, the application owner, etc. However, current access control administration remains either mandatory, requiring a single system administrator to know every possible permission, or discretionary, allowing possibly compromised processes to administer permissions. A key problem is that the system should limit arbitrary programs while allowing reasonable functionality. However, conflicting permissions and permission dependencies may lead to an attack, such as allowing voice-over-IP calls. In our approach, we use a "soft" sandboxing mechanism to first contain such processes, request the stakeholder to authorize operations outside the sandbox that are not prohibited by policy, and maintain a runtime execution role for the process to identify its access state to the stakeholders. Our framework was implemented by modifying the SELinux module and using a remote proxy policy server. We incur a 0.288 microsecond performance overhead only when stakeholders need to be consulted, and new permissions are cached.