How to make Discretionary Access Control Resistant to Trojan Horses

Video Link: https://www.youtube.com/watch?v=epzEW5KUcGI



Category: Guide
Duration: 1:17:41


Modern operating systems primarily use Discretionary Access Control (DAC) to protect files and other operating system resources. DAC mechanisms are more user-friendly than Mandatory Access Control (MAC) systems, but are vulnerable to trojan horse attacks and attacks exploiting buggy software. We show that it is possible to have the best of both worlds: DAC's easy-to-use discretionary policy specification and MAC's defense against trojan horses and buggy programs. This is made possible by a key new insight that DAC has this weakness not because it uses the discretionary principle, but because existing DAC enforcement mechanisms assume that a single principal is responsible for any request, whereas in reality a request may be influenced by multiple principals; thus these mechanisms cannot correctly identify the true origin(s) of a request and fall prey to trojan horses. We propose to solve this problem by combining DAC's policy specification with new enforcement techniques that use ideas from MAC's information flow tracking. Our model, called Information Flow Enhanced Discretionary Access Control (IFEDAC), is the first DAC model that can defend against trojan horses and attacks exploiting buggy software. IFEDAC significantly strengthens end host security, while preserving to a large degree DAC's ease of use. In this talk, we present the IFEDAC model, analyze its security properties, and discuss our design and implementation for Linux.







Tags: microsoft research