Search Results (4)

Search Parameters:
Keywords = Mandatory Access Control (MAC)

18 pages, 448 KiB  
Article
User Armor: An Extension for AppArmor
by Mario Alviano and Pierpaolo Sestito
Algorithms 2025, 18(4), 185; https://doi.org/10.3390/a18040185 - 24 Mar 2025
Viewed by 1026
Abstract
AppArmor is a mandatory access control (MAC) system for Linux based on profiles. It focuses on protecting processes, without differentiating profiles based on the users running the processes themselves. Moreover, it does not implement inheritance mechanisms to simplify the management of profiles and avoid the duplication of rules. This work introduces UserArmor, an extension of AppArmor that overcomes the aforementioned limitations by allowing specific profiles to be associated with users and implementing an inheritance system to reduce complexity, improve reusability, and ensure consistency in security rules. An application to Answer Set Programming is discussed.
(This article belongs to the Collection Feature Papers in Algorithms for Multidisciplinary Applications)

12 pages, 2787 KiB  
Article
Mandatory Access Control Method for Windows Embedded OS Security
by Chaeho Cho, Yeonsang Seong and Yoojae Won
Electronics 2021, 10(20), 2478; https://doi.org/10.3390/electronics10202478 - 12 Oct 2021
Cited by 7 | Viewed by 4684
Abstract
The Windows Embedded operating system (OS) adopts a discretionary access control (DAC)-based policy, but underlying vulnerabilities exist because of external hacker attacks and other factors. In this study, we propose a system that improves the security of the Windows Embedded OS by applying a mandatory access control (MAC) policy in which the access rights of objects, such as files and folders, and subjects’ privileges, such as processes, are compared. We conducted access control tests to verify whether the proposed system could avoid the vulnerabilities of DAC-based systems. Our results indicate that the existing DAC-based security systems could be neutralized if a principal’s security policy is removed. However, in the proposed MAC-based Windows Embedded OS, even if the clearance and category values of a subject’s files are given the highest rating, all accesses are automatically denied. Therefore, the execution of all files that were not previously registered on the whitelist was denied, proving that security was improved relative to DAC-based systems.
(This article belongs to the Section Networks)

17 pages, 363 KiB  
Review
Blockchain Platforms and Access Control Classification for IoT Systems
by Adam Ibrahim Abdi, Fathy Elbouraey Eassa, Kamal Jambi, Khalid Almarhabi and Abdullah Saad AL-Malaise AL-Ghamdi
Symmetry 2020, 12(10), 1663; https://doi.org/10.3390/sym12101663 - 12 Oct 2020
Cited by 35 | Viewed by 5613
Abstract
The Internet of Things paradigm is growing rapidly. In fact, controlling this massive growth of IoT globally raises new security and privacy issues. The traditional access control mechanisms provide security to IoT systems such as DAC (discretionary access control) and mandatory access control (MAC). However, these mechanisms are based on central authority management, which raises some issues such as absence of scalability, single point of failure, and lack of privacy. Recently, the decentralized and immutable nature of blockchain technology integrated with access control can help to overcome privacy and security issues in the IoT. This paper presents a review of different access control mechanisms in IoT systems. We present a comparison table of reviewed access control mechanisms. The mechanisms’ scalability, distribution, security, user-centric, privacy and policy enforcing are compared. In addition, we provide access control classifications. Finally, we highlight challenges and future research directions in developing decentralized access control mechanisms for IoT systems.

24 pages, 2884 KiB  
Article
Using Proven Reference Monitor Patterns for Security Evaluation
by Mark R. Heckman and Roger R. Schell
Information 2016, 7(2), 23; https://doi.org/10.3390/info7020023 - 26 Apr 2016
Cited by 7 | Viewed by 12691
Abstract
The most effective approach to evaluating the security of complex systems is to deliberately construct the systems using security patterns specifically designed to make them evaluable. Just such an integrated set of security patterns was created decades ago based on the Reference Monitor abstraction. An associated systematic security engineering and evaluation methodology was codified as an engineering standard in the Trusted Computer System Evaluation Criteria (TCSEC). This paper explains how the TCSEC and its Trusted Network Interpretation (TNI) constitute a set of security patterns for large, complex and distributed systems and how those patterns have been repeatedly and successfully used to create and evaluate some of the most secure government and commercial systems ever developed.
(This article belongs to the Special Issue Evaluating the Security of Complex Systems)