 |
Conference papers
Information Flow Tracking for Linux Handling Concurrent System Calls and Shared Memory
Abstract : Information flow control can be used at the Operating System level to enforce restrictions on the diffusion of security-sensitive data. In Linux, information flow trackers are often implemented as Linux Security Modules. They can fail to monitor some indirect flows when flows occur concurrently and affect the same containers of information. Furthermore, they are not able to monitor the flows due to file mappings in memory and shared memory between processes. We first present two attacks to evade state-of-the-art LSM-based trackers. We then describe an approach, formally proved with Coq to perform information flow tracking able to cope with concurrency and in-memory flows. We demonstrate its implementability and usefulness in Rfblare, a race condition-free version of the flow tracking done by KBlare.
Cited literature [12 references]
https://hal.sorbonne-universite.fr/hal-01535949
Contributor : Mathieu Jaume <>
Submitted on : Friday, June 9, 2017 - 5:29:56 PM
Last modification on : Friday, January 8, 2021 - 5:38:07 PM
Long-term archiving on: : Monday, January 22, 2018 - 10:35:48 PM
Contributor : Mathieu Jaume <>
Submitted on : Friday, June 9, 2017 - 5:29:56 PM
Last modification on : Friday, January 8, 2021 - 5:38:07 PM
Long-term archiving on: : Monday, January 22, 2018 - 10:35:48 PM
File
sefm2017.pdf
Files produced by the author(s)