Back to Search
Start Over
Information Leakage and Capability Forgery in a Capability-Based Operating System Kernel.
- Source :
- On the Move to Meaningful Internet Systems 2006: OTM 2006 Workshops; 2006, p517-526, 10p
- Publication Year :
- 2006
-
Abstract
- The Password-Capability System has been designed as an operating system kernel suitable for general-purpose computing in a hostile environment. It has an access control mechanism based on password-capabilities, on top of which a confinement mechanism and a type management mechanism are layered. This paper studies the security of these mechanisms. We find that the mechanisms leak information which can be utilised by an attacker. Furthermore, we find that conditions placed on the generation of password-capabilities by the mechanisms enable the attacker to forge password-capabilities more efficiently than by exhaustive search. We show that all the discovered attacks can be prevented. This paves the way for the use of the mechanisms in a highly secure third-generation of the Password-Capability System. Keywords: Password-capabilities, access control, security analysis. [ABSTRACT FROM AUTHOR]
Details
- Language :
- English
- ISBNs :
- 9783540482697
- Database :
- Complementary Index
- Journal :
- On the Move to Meaningful Internet Systems 2006: OTM 2006 Workshops
- Publication Type :
- Book
- Accession number :
- 32915706
- Full Text :
- https://doi.org/10.1007/11915034_75