CFP last date
20 January 2025
Reseach Article

An Investigation into Access Control in Various Types of Operating Systems

by Mohamed A. Ismail, H. Aboelseoud M, Mohamed B. Senousy
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 98 - Number 10
Year of Publication: 2014
Authors: Mohamed A. Ismail, H. Aboelseoud M, Mohamed B. Senousy
10.5120/17218-7454

Mohamed A. Ismail, H. Aboelseoud M, Mohamed B. Senousy . An Investigation into Access Control in Various Types of Operating Systems. International Journal of Computer Applications. 98, 10 ( July 2014), 9-15. DOI=10.5120/17218-7454

@article{ 10.5120/17218-7454,
author = { Mohamed A. Ismail, H. Aboelseoud M, Mohamed B. Senousy },
title = { An Investigation into Access Control in Various Types of Operating Systems },
journal = { International Journal of Computer Applications },
issue_date = { July 2014 },
volume = { 98 },
number = { 10 },
month = { July },
year = { 2014 },
issn = { 0975-8887 },
pages = { 9-15 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume98/number10/17218-7454/ },
doi = { 10.5120/17218-7454 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T22:25:50.524691+05:30
%A Mohamed A. Ismail
%A H. Aboelseoud M
%A Mohamed B. Senousy
%T An Investigation into Access Control in Various Types of Operating Systems
%J International Journal of Computer Applications
%@ 0975-8887
%V 98
%N 10
%P 9-15
%D 2014
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Access control is a security aspect whose importancy increases with technology advances as it forms the core of any security system. Access control can be applied at the operating system (OS) level, middle-ware level, or the application level. The objective of this investigation is to give a detailed overview of access control mechanisms implemented in various types of OSs like general purpose OSs, mobile OSs and distributed OSs. Finally, the paper outlines the main problems and challenges of access control, and proposes future directions in the access control field of research.

References
  1. Lazouski, Aliaksandr, Fabio Martinelli, and Paolo Mori. "Usage control in computer security: A survey. " Computer Science Review 4. 2 (2010): 81-99.
  2. LAMPSON, B. W. 1971. Protection. 5th Princeton Symposium on Information Science and Systems. Reprinted in ACM Operating Systems Review 8, 1, 18–24, 1974
  3. Russell D, Gangemi GT. Computer security basics. Sebastopol, CA:O'Reilly and Associates; 1991.
  4. Ramachandran R, Pearce DJ, Welch I. AspectJ for multilevel security. In: The 5th AOSD workshop on aspects, components, and patterns for infrastructure software (ACP4IS). Bonn, Germany; 2006. p. 1–5.
  5. SANDHU, R. , COYNE, E. , FEINSTEIN, H. , AND YOUMAN,C. 1996. Role based access control models. IEEE Computer 29, 2.
  6. Schreuders, Z. Cliffe, Tanya McGill, and Christian Payne. "The state of the art of application restrictions and sandboxes: A survey of application-oriented access controls and their shortfalls. " Computers & Security 32 (2013): 219-241. ?
  7. Andress, Jason. The basics of information security: understanding the fundamentals of InfoSec in theory and practice. Access Online via Elsevier, 2011.
  8. Dalton, Chris I. , Tse Huong Choo, and Andrew P. Norman. "Design of secure UNIX. " Information Security Technical Report 7. 1 (2002): 37-56.
  9. Mellander, Jim. "Unix Filesystem Security. " Information Security Technical Report 7. 1 (2002): 11-25.
  10. Sterne, Daniel F. , et al. "Scalable access control for distributed object systems. " Proceedings of the 8th USENIX Security Symposium. 1999. ?
  11. Carr, Steve, and Jean Mayo. "Teaching access control with domain type enforcement. " Journal of Computing Sciences in Colleges 27. 1 (2011): 74-80. ?
  12. R. E. Smith, Mandatory protection for internet server software," in Proceedings of the 12th Annual Computer Security Applications Conference, ser. ACSAC '96. Washington, DC, USA: IEEE Computer Society,1996,pp. 178{. [Online]. Available:http://dl. acm. org/citation. cfm?id=784588. 784626
  13. Matthews, Christopher James. Isolating Legacy Applications with Lind. Diss. University of Victoria, 2013. ?
  14. Rául Siles Peláez. Linux kernel rootkits: protecting the systems ``ring-zero''. GIAC Unix Security Administrator (GCUX), May 2004.
  15. C. Wright, C. Cowan, J. Morris, S. Smalley, and G. Kroah-Hartman. Linux Security Modules: General Security Support for the Linux Kernel. In Proceedings of the 11th Annual USENIX Security Symposium, pages 17–31, San Francisco,California, August 2002.
  16. Mayer, F. , MacMillan, K. , & Caplan, D. (2007). SELinux by example: using security enhanced Linux. Upper Saddle River, NJ: Prentice Hall.
  17. http://windowsitpro. com/windows-server-012/exploring-windows-server-2012-dynamic-access-ontrol.
  18. http://www. infoq. com/news/2012/l0/Dynamic-Access-Control.
  19. http://www. informit. com/guides/content. aspx?g=windowsserver&seqNum=306
  20. http://en. wikipedia. org/wiki/Mandatory_Integrity_Control
  21. http://www. sans. org/reading-room/analysts-program/ access-control-foxt
  22. http://blog. avecto. com/2012/05/application-sandboxing-in-windows 8/
  23. Ni, Xudong, et al. "DiffUser: Differentiated user access control on smartphones. " Mobile Adhoc and Sensor Systems, 2009. MASS'09. IEEE 6th International Conference on. IEEE, 2009.
  24. Shabtai, Asaf et al. "Google Android: A state-of-the-art review of security mechanisms. " arXiv preprint arXiv: 09l2. 5l01 (2009).
  25. Bugiel, Sven, et al. "Towards taming privilege-escalation attacks on Android. " Proceedings of the 19th Annual Symposium on Network and Distributed System Security. 2012.
  26. Mylonas, Alexios, et al. "On the feasibility of malware attacks in smartphone platforms. " E-Business and Telecommunications. Springer Berlin Heidelberg, 2012. 217-232.
  27. Wang, Tielei, et al. "Jekyll on iOS: when benign apps become evil. " Presented as part of the 22nd USENIX Security Symposium}. USENIX}, 2013.
  28. Blazakis, Dionysus. "The Apple Sandbox. " Arlington, VA, January (2011).
  29. Narasimban, P. , Louise E. Moser, and P. Michael Melliar-Smith. "Using interceptors to enhance CORBA. " Computer 32. 7 (1999): 62-68.
  30. Hartman, Bret, Donald J. Flinn, and Konstantin Beznosov. Enterprise Security with EJB and CORBA. Vol. 16. John Wiley & Sons, 2002. ?
  31. Deng, Robert H. , et al. "Integrating security in CORBA based object architectures. " Security and Privacy, 1995. Proceedings. , 1995 IEEE Symposium on. IEEE, 1995. ?
  32. Lang, Ulrich, and Rudolf Schreiner. Developing secure distributed systems with CORBA. Artech house, 2002. ?
  33. Park, Jaehong, and Sandhu Ravi (2004). The UCONabc usage control model. ACM Trans. Inf. Syst. Secur. , 7:128–174.
  34. Teigão, Rafael, Carlos Maziero, and Altair Santin. "Applying a usage control model in an operating system kernel. " Journal of Network and Computer Applications 34. 4 (2011): 1342-1352. ?
  35. M. Xu, X. Jiang, R. Sandhu, X. Zhang, Towards a VMM­based usage control framework for OS kernel integrity protection,in: SACMAT'07: Proceedings of the 12th ACM Symposium on Access Control Models and Technologies, ACM, NewYork, NY,USA, 2007, pp. 71–80.
  36. D. Kyle, J. C. Brustoloni, Uclinux: A linux security module for trusted­computing­based usage controls enforcement,in: STC'07: Proceedings of ACMWorkshop on Scalable Trusted Computing, ACM, New York, NY, USA, 2007, pp. 63–70.
  37. M. Alam, J. ­P. Seifert, Q. Li, X. Zhang, Usage control platformization via trustworthy SELinux, in: ASIACCS'08: Proceedings of ACM Symposium on Information, Computer and Communications Security, ACM, New York, NY, USA, 2008, pp. 245–248.
  38. Ray, Indrakshi, and Indrajit Ray. "Access Control Challenges for Cyber-Physical Systems. "?
  39. Usability Meets Access Control Challenges and Research Opportunities 2009.
  40. Garnes, Håvard Husevåg. "Access Control in Multi-Thousand-Machine Datacenters. " (2008). ?
  41. http://en. m. wikipedia. org/wiki/Ultra-large-scale_systems
  42. Danwei, Chen, Huang Xiuli, and Ren Xunyi. "Access control of cloud service based on ucon. " Cloud Computing. Springer Berlin Heidelberg, 2009. 559-564.
  43. Suhendra, Vivy. "A survey on access control deployment. " Security Technology. Springer Berlin Heidelberg, 2011. 11-20. ?
Index Terms

Computer Science
Information Sciences

Keywords

Access Control Operating System Security Usage Control