Automatic Security Testing for Linux Enhancement
In this paper, methods and technologies for automating security testing of Linux-based systems are discussed. The focus is on enhancing security through the implementation of least privilege mechanisms in the Linux environment. Various security modules and testing frameworks are explored to achieve robust security measures. The architecture, testing platform, and components of automatic security testing are analyzed for optimizing security protocols.
Download Presentation
Please find below an Image/Link to download the presentation.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.
You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.
E N D
Presentation Transcript
IMPLEMENTATION AND AUTOMATIC TESTING FOR SECURITY ENHANCEMENT OF LINUX BASED ON LEAST PRIVILEGE -Nandini BV
CONTENTS/AGENDA Abstract Automatization of Security testing for SOS Security enhancement of Linux based on LPM Automatic security testing of LPM Summary References
ABSTRACT In this paper, methods and technologies about how to test a SOS automatically are discussed. Least privilege is studied and the corresponding modules of security enhancement are added to Linux based on Linux Kernel Modules (LKM). Finally, a prototype of automatic security testing as to such least privilege mechanism is implemented. Results are analysed.
FRAMEWORK OF AUTOMATIC TESTING PLATFORM FOR SOS
MODULAR DESIGN FOR SYSTEM CALL TESTERS Basic steps to test a system call Modular structure of a system call tester
SECURITY ENHANCEMENT AS TO LINUX BASED ON LEAST PRIVILEGE The algorithm can be described as follows: pI* = pI | pIadd pE' = ( fP | ( fI & pI*) ) ) & fE & pB & gB pI' = pI* & fI & fB pB' = pB & fB
AUTOMATIC SECURITY TESTING OF LEAST PRIVILEGE MECHANISMS Analysis of testing target Design and implementation of automatic security testing platform. Components of automatic testing security platform
ARCHITECTURE OF THE SOS PROTOTYPE
TESTS AND RESULTS TESTS RESULTS Set up testing environment e.g. install SEM Execute Testing on process privileges and process execution before install SEM No error occur for testing before installing SEM and installing itself
Execute testing on installing SEM Expected errors are returned under the condition of exceeding one s authority for access testing Only security manager and system operator execute uninstall operations work successfully. Execute testing on -role privilege -process privilege -SEM uninstalling etc after install SEM.
SUMMARY Automatic security testing methods for SOS put forward in this paper are feasible and effective. They can be improved and extended to be used to build up automatic security testing platform for entire SOS and implement deep security tests in the next step. Automatization of generating test cases based on security requirement and/or security evaluation criteria can be further studied in future.
REFERENCES [1] Gaoshou Zhai, Zeng Jie, Miaoxia Ma, Liang Zhang, Automatization of security testing as to secure operating system , Proceedings of CNCC 2007, Tsinghua university printing house, 2007.(in Chinese) [2] Pihui Wei, Sihan Qing, Jian Huang, "An evaluation system for secure operating system", Computer Engineering,vol.29, no.22, 2003, pp.135-137.(in Chinese) [3] R.S.Sandhu, et al. Role Based Access Control Models , IEEE Computer 29(2): 38-47, IEEE Press, 1996.
