Introducing Role-based Access Control to a Secure Virtual Machine Monitor: Security Policy Enforcement Mechanism for Distributed Computers

Cited by: 4

Authors
Hirano, Manabu [1 ]
Shinagawa, Takahiro [2 ]
Eiraku, Hideki [2 ]
Hasegawa, Shoichi [2 ]
Omote, Kazumasa [2 ]
Tanimoto, Koichi [2 ]
Horie, Takashi [2 ]
Kato, Kazuhiko [2 ]
Okuda, Takeshi [3 ]
Kawai, Eiji [3 ]
Yamaguchi, Suguru [3 ]
Affiliations
[1] Toyota Natl Coll Technol, Dept Informat & Comp Engn, 2-1 Sakae, Aichi, Japan
[2] Univ Tsukuba, Grad Sch ISE, Dept Comp Sci, Ibaraki, Japan
[3] Nara Inst Sci & Technol, Grad Sch Informat Sci, Nara, Japan
DOI
10.1109/APSCC.2008.14
Chinese Library Classification number
TP3 [Computing technology, computer technology];
Discipline classification code
0812 ;
Abstract
In recent years, as the data processed by governmental or commercial organizations increases, cases involving information leaks have risen. It is difficult to control information on many distributed end-point computers using conventional security mechanisms. Therefore, we have proposed a novel secure VMM (Virtual Machine Monitor) architecture which is used as a foundation of security policy enforcement on distributed computers. This paper especially introduces Role-based Access Control (RBAC) to the ID management framework in a secure VMM system. Our proposal will reduce costs for distributed policy updates. The proposed RBAC mechanism employs attribute certificates (ACs) to handle users' roles. This paper shows the design and a prototype implementation based on a PKI-based ID card and proven open source VMM software, QEMU.
Pages: 1225 / +
Page count: 2
Related papers
50 in total
  • [31] Role-based Access Control for Memory Security on Network-on-Chips
    Chen, Song-Tao
    Xu, Lin-Fu
    Hang, Yan-Xi
    Li, Lun-wei
    2016 13TH IEEE INTERNATIONAL CONFERENCE ON SOLID-STATE AND INTEGRATED CIRCUIT TECHNOLOGY (ICSICT), 2016, : 1422 - 1424
  • [32] dRBAC: Distributed role-based access control for dynamic coalition environments
    Freudenthal, E
    Pesin, T
    Port, L
    Keenan, E
    Karamcheti, V
    22ND INTERNATIONAL CONFERENCE ON DISTRIBUTED COMPUTING SYSTEMS, PROCEEDINGS, 2002, : 411 - 420
  • [33] Meta-policies for distributed role-based access control systems
    Belokosztolszki, A
    Moody, K
    THIRD INTERNATIONAL WORKSHOP ON POLICIES FOR DISTRIBUTED SYSTEMS AND NETWORKS, PROCEEDINGS, 2002, : 106 - 115
  • [34] Early Validation and Verification of a Distributed Role-Based Access Control Model
    Zafar, Saad
    Colvin, Robert
    Winter, Kirsten
    Yatapanage, Nisansala
    Dromey, R. G.
    14TH ASIA-PACIFIC SOFTWARE ENGINEERING CONFERENCE, PROCEEDINGS, 2007, : 430 - +
  • [35] Cryptographically Enforced Role-Based Access Control for NoSQL Distributed Databases
    Shalabi, Yossif
    Gudes, Ehud
    DATA AND APPLICATIONS SECURITY AND PRIVACY XXXI, DBSEC 2017, 2017, 10359 : 3 - 19
  • [36] A secure, constraint-aware role-based access control interoperation framework
    Baracaldo N.
    Masoumzadeh A.
    Joshi J.
    Proceedings - 2011 5th International Conference on Network and System Security, NSS 2011, 2011, : 200 - 207
  • [37] An object oriented role-based access control model for secure domain environments
    Department of Electrical and Computer Engineering, Ryerson University, Toronto, ON, M5B 2K3, Canada
    Int. J. Netw. Secur., 2007, 1 (10-16):
  • [38] Achieving Secure Role-Based Access Control on Encrypted Data in Cloud Storage
    Zhou, Lan
    Varadharajan, Vijay
    Hitchens, Michael
    IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, 2013, 8 (12) : 1947 - 1960
  • [39] Implement of Agent with Role-based Hierarchy Access Control for Secure Grouping IoTs
    Chen, Hsing-Chung
    Chang, Chia-Hui
    Leu, Fang-Yie
    2017 14TH IEEE ANNUAL CONSUMER COMMUNICATIONS & NETWORKING CONFERENCE (CCNC), 2017, : 120 - 125
  • [40] A Virtual Machine Based Information Flow Control System for Policy Enforcement
    Naira, Srijith K.
    Simpson, Patrick N. D.
    Crispo, Bruno
    Tanenbaum, Andrew S.
    ELECTRONIC NOTES IN THEORETICAL COMPUTER SCIENCE, 2008, 197 (01) : 3 - 16