![]() FILEPRO can be one of those modules, which can be deployed into new Kernel's releases. In Linux-based systems, Kernel source consists of modules that are enhanced to release new versions of the operating systems. In this paper, we provide a file access mechanism called "FILEPRO", a loadable Kernel module that allows users to protect their own files from super users and some group users, while granting an access level to certain group members. Such a situation can not be achieved by using the existing file access controls provided in Linux operating systems such as ACL. file(s) from all system users including super users (not root user) and some users within the file(s) group, while allowing specific group user(s) to access the file(s). In many situations, we may need to allow a user to prohibit his. These controls include file access permissions, users' grouping and access control lists. Linux operating system and its variants contain several native protection mechanisms that enforce file access policy. Most operating systems have protection mechanisms that prevent unauthorized disclosure and enforce integrity at a file level. Our designed algorithms are implemented by modification of the Linux kernel and the WLAN device driver source code, and the test results of our designed algorithms are presented. In this algorithm, we create a new table which contains information of unnecessary packets in kernels, and the ineffective packets are filtered according to the tabled information in the early stage of the MAC layer. In order to reduce the unnecessary overhead, this paper proposes an automatic elimination algorithm for ineffective packets. If the smart terminals receive a lot of ineffective packets, the processing time for these packets are unnecessary overhead. Then the smart terminals transfer the packets to an upper layer and the packets are eliminated at. Smart terminals that receive unnecessary packets store them into a socket buffer instead of dropping them immediately. Thus, we propose an algorithm to improve these problems. This paper presents the problems when Linux-based smart terminals receive unnecessary packets from Wireless LAN environments. And this model is implemented into the Linux kernel 2.4.7. This paper presents an extended BLP (E-BLP) model in which process reliability is considered and solves the security level decision problem. Moreover, when the leveled programs which exist as objects in a disk are executed by a process and have different level from the process level, the security level decision problem occurs. These problems can be solved by defining the subject as (user, process) ordered pair and by defining the process reliability. ![]() or modification threat by malicious or unreliable processes even though the user is authorized in the system. So, there could be information disclosure threat. However, user\`s security level in the most developed systems based on the BLP model is inherited to a process that is actual subject on behalf of the user, regardless whatever the process behavior is. To design and develop secure operating systems, the BLP (Bell-La Padula) model that represents the MLP (Multi-Level Policy) has been widely adopted. Latham Assistant Secretary of Defense (Command, Control, Communications, and Intelligence) Other federal agencies and the public may obtain copies from: Office of Standards and Products, National Computer Security Center, Fort Meade, MD 20755-6000, Attention: Chief, Computer Security Standards. DoD Components may obtain copies of this publication through their own publications channels. Address all proposals for revision through appropriate channels to: National Computer Security Center, Attention: Chief, Computer Security Standards. Recommendations for revisions to this publication are encouraged and will be reviewed biannually by the National Computer Security Center through a formal review process. This publication is effective immediately and is mandatory for use by all DoD Components in carrying out ADP system technical security evaluation activities applicable to the processing and storage of classified and other sensitive DoD information and applications as set forth herein. This document apply to the Office of the Secretary of Defense (ASD), the Military Departments, the Organization of the Joint Chiefs of Staff, the Unified and Specified Commands, the Defense Agencies and activities administratively supported by OSD (hereafter called "DoD Components").
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |