案例研究:使用过滤器钩子驱动程序的文件访问隐私控制

2009 IEEE International Symposium on Parallel and Distributed Processing with Applications Pub Date : 2009-08-18 DOI:10.1109/ISPA.2009.61

A. He, T. Ohdaira

{"title":"案例研究:使用过滤器钩子驱动程序的文件访问隐私控制","authors":"A. He, T. Ohdaira","doi":"10.1109/ISPA.2009.61","DOIUrl":null,"url":null,"abstract":"Sand-box security model is extremely useful for secure execution of untrusted applications. Many sand-box model based security systems proposed so far provide security by intercepting system calls invoked by applications and controlling their execution. However, a problem in existing sand-box based systems is the amount of overhead required for security checks performed after system call interception. In addition, it is difficult for computer novices to manage their security systems because the system settings are complex. In this paper, a function was proposed and implemented to monitor only the file access in Microsoft Windows environment. Test result shows that this function could protect files from unallowed access and then minimize the overhead of application execution time.","PeriodicalId":346815,"journal":{"name":"2009 IEEE International Symposium on Parallel and Distributed Processing with Applications","volume":"10 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2009-08-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"A Case Study: File Access Privacy Control Using Filter Hook Driver\",\"authors\":\"A. He, T. Ohdaira\",\"doi\":\"10.1109/ISPA.2009.61\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Sand-box security model is extremely useful for secure execution of untrusted applications. Many sand-box model based security systems proposed so far provide security by intercepting system calls invoked by applications and controlling their execution. However, a problem in existing sand-box based systems is the amount of overhead required for security checks performed after system call interception. In addition, it is difficult for computer novices to manage their security systems because the system settings are complex. In this paper, a function was proposed and implemented to monitor only the file access in Microsoft Windows environment. Test result shows that this function could protect files from unallowed access and then minimize the overhead of application execution time.\",\"PeriodicalId\":346815,\"journal\":{\"name\":\"2009 IEEE International Symposium on Parallel and Distributed Processing with Applications\",\"volume\":\"10 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2009-08-18\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2009 IEEE International Symposium on Parallel and Distributed Processing with Applications\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ISPA.2009.61\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2009 IEEE International Symposium on Parallel and Distributed Processing with Applications","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISPA.2009.61","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 2

摘要

沙盒安全模型对于不受信任的应用程序的安全执行非常有用。目前提出的许多基于沙盒模型的安全系统通过拦截应用程序调用的系统调用并控制其执行来提供安全性。然而，现有基于沙盒的系统中的一个问题是，在系统调用拦截之后执行安全检查所需的开销。此外，由于系统设置复杂，计算机新手很难管理他们的安全系统。本文提出并实现了一个在Microsoft Windows环境下仅对文件访问进行监控的功能。测试结果表明，该函数可以保护文件免受不允许的访问，从而最大限度地减少应用程序执行时间的开销。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

A Case Study: File Access Privacy Control Using Filter Hook Driver

Sand-box security model is extremely useful for secure execution of untrusted applications. Many sand-box model based security systems proposed so far provide security by intercepting system calls invoked by applications and controlling their execution. However, a problem in existing sand-box based systems is the amount of overhead required for security checks performed after system call interception. In addition, it is difficult for computer novices to manage their security systems because the system settings are complex. In this paper, a function was proposed and implemented to monitor only the file access in Microsoft Windows environment. Test result shows that this function could protect files from unallowed access and then minimize the overhead of application execution time.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2009 IEEE International Symposium on Parallel and Distributed Processing with Applications

自引率

0.00%

发文量