Abstract
The paper presents an Integrity Checking and Recovery (ICAR) system which protects file system integrity and automatically restores modified files. The system enables files cryptographic hashes generation and verification, as well as configuration of security constraints. All of the crucial data, including ICAR system binaries, file backups and hashes database are stored in a physically write protected storage to eliminate the threat of unauthorized modification. A buffering mechanism was designed and implemented in the system to increase operation performance. Additionally, the system supplies user tools for cryptographic hash generation and security database management. The system is implemented as a kernel extension, compliant with the Linux Security Model. Experimental evaluation of the system was performed and showed an approximate 10% performance degradation in secured file access compared to regular access.
Citations
-
9
CrossRef
-
0
Web of Science
-
1 2
Scopus
Authors (2)
Cite as
Full text
- Publication version
- Accepted or Published Version
- DOI:
- Digital Object Identifier (open in new tab) 10.1049/iet-ifs.2012.0346
- License
- open in new tab
Keywords
Details
- Category:
- Articles
- Type:
- artykuł w czasopiśmie wyróżnionym w JCR
- Published in:
-
IET Information Security
no. 8,
edition 2,
pages 122 - 131,
ISSN: 1751-8709 - Language:
- English
- Publication year:
- 2014
- Bibliographic description:
- Kaczmarek J., Wróbel M.: Operating system security by integrity checking and recovery using write-protected storage// IET Information Security. -Vol. 8, iss. 2 (2014), s.122-131
- DOI:
- Digital Object Identifier (open in new tab) 10.1049/iet-ifs.2012.0346
- Verified by:
- Gdańsk University of Technology
seen 107 times