Operating system security by integrity checking and recovery using write-protected storage - Publication - Bridge of Knowledge

Search

Operating system security by integrity checking and recovery using write-protected storage

Abstract

The paper presents an Integrity Checking and Recovery (ICAR) system which protects file system integrity and automatically restores modified files. The system enables files cryptographic hashes generation and verification, as well as configuration of security constraints. All of the crucial data, including ICAR system binaries, file backups and hashes database are stored in a physically write protected storage to eliminate the threat of unauthorized modification. A buffering mechanism was designed and implemented in the system to increase operation performance. Additionally, the system supplies user tools for cryptographic hash generation and security database management. The system is implemented as a kernel extension, compliant with the Linux Security Model. Experimental evaluation of the system was performed and showed an approximate 10% performance degradation in secured file access compared to regular access.

Citations

  • 9

    CrossRef

  • 0

    Web of Science

  • 1 2

    Scopus

Keywords

Details

Category:
Articles
Type:
artykuł w czasopiśmie wyróżnionym w JCR
Published in:
IET Information Security no. 8, edition 2, pages 122 - 131,
ISSN: 1751-8709
Language:
English
Publication year:
2014
Bibliographic description:
Kaczmarek J., Wróbel M.: Operating system security by integrity checking and recovery using write-protected storage// IET Information Security. -Vol. 8, iss. 2 (2014), s.122-131
DOI:
Digital Object Identifier (open in new tab) 10.1049/iet-ifs.2012.0346
Verified by:
Gdańsk University of Technology

seen 107 times

Recommended for you

Meta Tags