Proceedings of the Institute for System Programming of the RAS
Proceedings of the Institute for System Programming of the RAS, 2020, Volume 32, Issue 1, Pages 27–56
DOI: https://doi.org/10.15514/ISPRAS-2020-32(1)-2
(Mi tisp484)
 

This article is cited in 1 scientific paper (total in 1 paper)

A mandatory integrity control model for the KasperskyOS operating system

V. S. Burenkov, D. A. Kulagin

AO Kaspersky Lab
Abstract: Existing models of mandatory integrity control in operating systems restrict accesses of active components of a system to passive ones and represent the accesses directly: subjects get read or write access to objects. Such a representation can be used in modeling of monolithic operating systems whose components that provide access to resources are part of the trusted computing base. However, the implementation of these components is extremely complex. Therefore, it is arduous to prove the absence of bugs (vulnerabilities) in them. In other words, proving such a model to be adequate to the real system is nontrivial and often left unsolved. This article presents a mandatory integrity control model for a microkernel operating system called KasperskyOS. Microkernel organization of the system allows us to minimize the trusted computing base to include only the microkernel and a limited number of other components. Parts of the system that provide resource access are generally considered untrusted. Even if some of them are erroneous, the operating system can still provide particular security guarantees. To prove that by means of a model, we introduce the notion of object drivers as intermediaries in operations on objects. We define the requirements that object drivers must satisfy. We also add the means for analysis of the consequences of violations of the requirements. We state and prove that the model either preserves integrity if all active components satisfy the requirements, or restricts the negative impact if some of the components are compromised. Correct implementation of the model guarantees that compromised components will not affect components with higher or incomparable integrity levels. We describe a policy specification language developed in accordance with the model. We provide an example of using it to describe a security policy that ensures a correct update of a system operated by KasperskyOS.
Keywords: mandatory integrity control, operating system, KasperskyOS.
Document Type: Article
Language: Russian
Citation: V. S. Burenkov, D. A. Kulagin, “A mandatory integrity control model for the KasperskyOS operating system”, Proceedings of ISP RAS, 32:1 (2020), 27–56
Citation in format AMSBIB
\Bibitem{BurKul20}
\by V.~S.~Burenkov, D.~A.~Kulagin
\paper A mandatory integrity control model for the KasperskyOS operating system
\jour Proceedings of ISP RAS
\yr 2020
\vol 32
\issue 1
\pages 27--56
\mathnet{http://mi.mathnet.ru/tisp484}
\crossref{https://doi.org/10.15514/ISPRAS-2020-32(1)-2}
Linking options:
  • https://www.mathnet.ru/eng/tisp484
  • https://www.mathnet.ru/eng/tisp/v32/i1/p27