Computer Security and Cryptography Reading Group
February 2003 List

Date & Location | Reading

12 Feb. 2003, 1304 CS, 2:30 - 3:30 PM

John McLean
Center for High Assurance Computer Systems, NRL
The Specification and Modeling of Computer Security
URL: http://citeseer.nj.nec.com/mclean90specification.html

Computer security models are specifications designed, among other things, to limit the damage caused by Trojan Horse programs such as computer viruses. Recent work in such models has revealed limitations of the widely accepted model of Bell and LaPadula. This paper provides an introduction to computer security modeling in general, the Bell and LaPadula model in particular, and the limitations of the model. Many of the issues raised are of interest not simply to the security community, but for the software specification community as a whole. We then construct a framework for security models that address these limitations. The result is a model that not only better addresses government security policies, but nongovernment security policies as well.

19 Feb. 2003, 1304 CS, 2:30 - 3:30 PM

Peter Loscocco, Stephen Smalley
NSA, NAI Labs
Integrating Flexible Support for Security Policies into the Linux Operating System
URL: http://www.nsa.gov/selinux/freenix01-abs.html

The protection mechanisms of current mainstream operating systems are inadequate to support confidentiality and integrity requirements for end systems. Mandatory access control (MAC) is needed to address such requirements, but the limitations of traditional MAC have inhibited its adoption into mainstream operating systems. The National Security Agency (NSA) worked with Secure Computing Corporation (SCC) to develop a flexible MAC architecture called Flask to overcome the limitations of traditional MAC. The NSA has implemented this architecture in the Linux operating system, producing a Security-Enhanced Linux (SELinux) prototype, to make the technology available to a wider community and to enable further research into secure operating systems. NAI Labs has developed an example security policy configuration to demonstrate the benefits of the architecture and to provide a foundation for others to use. This paper describes the security architecture, security mechanisms, application programming interface, security policy configuration, and performance of SELinux.

26 Feb. 2003, 1304 CS, 2:30 - 3:30 PM

Chris Karlof, David Wagner
University of California, Berkeley
Secure Routing in Wireless Sensor Networks: Attacks and Countermeasures
URL: http://www.cs.berkeley.edu/~daw/papers/senroute-snpa03.ps

We consider routing security in wireless sensor networks. Many sensor network routing protocols have been proposed, but none of them have been designed with security as a goal. We propose security goals for routing in sensor networks, show how attacks against ad-hoc and peer-to-peer networks can be adapted into powerful attacks against sensor networks, introduce two classes of novel attacks against sensor networks - sinkholes and HELLO floods, and analyze the security of all the major sensor network routing protocols. We describe crippling attacks against all of them and suggest countermeasures and design considerations. This is the first such analysis of secure routing in sensor networks.