SLR-SELinux: Enhancing the Security Footstone of SEAndroid with Security Label Randomization

The root privilege escalation attack is extremely destructive to the security of the Android system. SEAndroid implements mandatory access control to the system through the SELinux security policy at the kernel mode, making the general root privilege escalation attacks unenforceable. However, malicious attackers can exploit the Linux kernel vulnerability of privilege escalation to modify the SELinux security labels of the process arbitrarily to obtain the desired permissions and undermine system security. Therefore, investigating the protection method of the security labels in the SELinux kernel is urgent. And the impact on the existing security configuration of the system must also be reduced. This paper proposes an optimization scheme of the SELinux mechanism based on security label randomization to solve the aforementioned problem. At the system runtime, the system randomizes the mapping of the security labels inside and outside the kernel to protect the privileged security labels of the system from illegal obtainment and tampering by attackers. This method is transparent to users; therefore, users do not need to modify the existing system security configuration. A tamper-proof detection method of SELinux security label is also proposed to further improve the security of the method. It detects and corrects the malicious tampering behaviors of the security label in the critical process of the system timely. The above methods are implemented in the Linux system, and the effectiveness of security defense is proven through theoretical analysis and experimental verification. Numerous experiments show that the effect of this method on system performance is less than 1%, and the success probability of root privilege escalation attack is less than 10−9.

Download Full-text

Research on Security Management of Library Computer Network System

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.687-691.1720 ◽

2014 ◽

Vol 687-691 ◽

pp. 1720-1723

Author(s):

Xu Wang

Keyword(s):

Network Security ◽

Security Policy ◽

Computer Network ◽

Rapid Development ◽

Security Management ◽

System Security ◽

Network System ◽

Network Systems ◽

Computer Network Security ◽

The Impact

With the rapid development of network science and technology, people are dependent on the network and usage greatly improved, but the network to bring convenience, but it also brings a lot of network security issues, it has become a constraint library computer network construction greatest limiting factor. This paper describes the impact of the library computer network system security management of specific issues, according to the system requirements of practical application, in terms of the system operating environment, hardware systems, software systems, network systems and system data, such as design of the library computer network system security policy and implementation are discussed. Through the library computer network security threats faced by the system proposed safety management, regulations are important to ensure the development and implementation of computer network system security. Proposed library computer network system security management strategies, we hope to enhance the library computer network security have some help.

Download Full-text

An Empirical Study on the Impact of Industrial Security Awareness and Knowledge of Corporate Employees on the Will to Comply with Security Policy

Korean Journal of Industry Security ◽

10.33388/kais.2020.10.2.059 ◽

2020 ◽

Vol 10 (2) ◽

pp. 59-78

Author(s):

Eun-Hee Shin ◽

◽

Chang-Moo Lee ◽

Hang-Bae Chang

Keyword(s):

Empirical Study ◽

Security Policy ◽

Security Awareness ◽

Industrial Security ◽

The Will ◽

The Impact

Download Full-text

Republic of Moldova in the Context of Regional Security Challenges in Eastern Europe

Історико-політичні проблеми сучасного світу ◽

10.31861/mhpi2018.37-38.281-286 ◽

2018 ◽

pp. 299-304

Author(s):

Stefan Tibuleac

Keyword(s):

Eastern Europe ◽

Security Policy ◽

Security System ◽

Regional Security ◽

Strategic Uncertainty ◽

European Security ◽

Republic Of Moldova ◽

The Republic ◽

The Impact

This article analyzes the most current security issues for the Republic of Moldova that are part of the regional security context of Eastern Europe –the region that can be considered the epicenter of international tensions through which the„geopolitical line of fracture”passes. The geographical position of the Republic of Moldova makes this state particularly sensitive to any negative trends in theregion. Growing of international tensions creates security threats and complicates economic development. From a historical point of view, Moldova has repeatedly fallen victim by the confrontation of the great powers. Therefore, the Republic of Moldova has a vital interest in preventing a new conflict in Eastern Europe. This article is based on a number of assumptions made by changes in the European security environment, such as the „shift of weight” to the East, strategic uncertainty, increasing the role of non-state actors, the situation in eastern Ukraine, etc. Based on these assumptions, this article makes an attempt to outline the potential role of the Republic of Moldova in the Eastern European security system, taking into account the desideratum for integration of the republic into the European Union. Other relevant factors will be taken into account for shaping the role of the Republic of Moldova in the European security system, namely: the security deficit; the impact of NATO and EU security policy; the rebirth of the project to create a regional defense alliance, etc. This article will largely take into account the military aspects of security. Keywords: Republic of Moldova, national security, Eastern Europe, NATO, Intermarium, defence, threats, risks, challenges

Download Full-text

Quantum Divide and Compute: Exploring the Effect of Different Noise Sources

SN Computer Science ◽

10.1007/s42979-021-00508-9 ◽

2021 ◽

Vol 2 (3) ◽

Author(s):

Thomas Ayral ◽

François-Marie Le Régent ◽

Zain Saleem ◽

Yuri Alexeev ◽

Martin Suchara

Keyword(s):

Success Probability ◽

Quantum Circuit ◽

Noise Sources ◽

Output Distribution ◽

Tensor Network ◽

Learning Machine ◽

Society Annual ◽

The Impact ◽

Noise Models ◽

Detailed Derivation

AbstractOur recent work (Ayral et al. in Proceedings of IEEE computer society annual symposium on VLSI, ISVLSI, pp 138–140, 2020. 10.1109/ISVLSI49217.2020.00034) showed the first implementation of the Quantum Divide and Compute (QDC) method, which allows to break quantum circuits into smaller fragments with fewer qubits and shallower depth. This accommodates the limited number of qubits and short coherence times of quantum processors. This article investigates the impact of different noise sources—readout error, gate error and decoherence—on the success probability of the QDC procedure. We perform detailed noise modeling on the Atos Quantum Learning Machine, allowing us to understand tradeoffs and formulate recommendations about which hardware noise sources should be preferentially optimized. We also describe in detail the noise models we used to reproduce experimental runs on IBM’s Johannesburg processor. This article also includes a detailed derivation of the equations used in the QDC procedure to compute the output distribution of the original quantum circuit from the output distribution of its fragments. Finally, we analyze the computational complexity of the QDC method for the circuit under study via tensor-network considerations, and elaborate on the relation the QDC method with tensor-network simulation methods.

Download Full-text

REGIONAL SECURITY DYNAMICS IN NORTHERN EUROPE (ON THE EXAMPLE OF NORWAY) IN THE LIGHT OF RECENT CHANGES

BULLETIN Series of Sociological and Political sciences ◽

10.51889/2021-1.1728-8940.14 ◽

2020 ◽

Vol 73 (1) ◽

pp. 103-111

Author(s):

D. Kalibekuly ◽

◽

Y.S. Chukubayev ◽

Keyword(s):

North Atlantic ◽

Member Country ◽

Security Policy ◽

Security System ◽

Regional Security ◽

Northern Europe ◽

The North ◽

The North Atlantic ◽

The Impact

The paper examines the dynamics of regional security in Norway as a part of Northern Europe. Being a political and geographical part of the Euro-Atlantic security system. Northern Europe, in its turn, is experiencing the impact of the confrontation between Russia and NATO. Norway's security policy analyzed from the perspective of a regional leader, as a NATO member country participating in the operations of the North Atlantic Alliance and as NATO's northern wing.

Download Full-text

Mandatory access control scheme based on security label for state power control system

Network Security and Communication Engineering ◽

10.1201/b18660-9 ◽

2015 ◽

pp. 41-46

Keyword(s):

Control System ◽

Access Control ◽

Power Control ◽

State Power ◽

Mandatory Access Control ◽

Control Scheme ◽

Power Control System ◽

Security Label

Download Full-text

Hedging between the United States and China? South Korea’s ideology-driven behavior and its implications for national security

International Relations of the Asia-Pacific ◽

10.1093/irap/lcab020 ◽

2021 ◽

Author(s):

Min-hyung Kim

Keyword(s):

United States ◽

National Security ◽

North Korea ◽

Security Policy ◽

The United States ◽

Security Cooperation ◽

Potential Threat ◽

The Impact ◽

Secondary State ◽

Cooperation Partner

Abstract Given the limits of the prevailing hedging account for Seoul’s puzzling behavior that is in conformity with the interests of its adversary (i.e. North Korea) and potential threat (i.e. China) rather than those of its principal ally (i.e. the United States) and security cooperation partner (i.e. Japan), this article emphasizes the impact of the progressive ideology on Seoul’s security policy. In doing so, it calls for attention to a domestic source of ideology in explaining the security behaviors of a secondary state, which is under-researched and thus is poorly understood.

Download Full-text

Impact of Deterrence and Inertia on Information Security Policy Changes

Journal of Information Systems ◽

10.2308/isys-52400 ◽

2019 ◽

Vol 34 (1) ◽

pp. 123-134

Author(s):

Kalana Malimage ◽

Nirmalee Raddatz ◽

Brad S. Trinkle ◽

Robert E. Crossler ◽

Rebecca Baaske

Keyword(s):

Information Security ◽

Security Policy ◽

Online Survey ◽

Security Policies ◽

Security Measures ◽

Policy Changes ◽

Information Security Policy ◽

Improve Compliance ◽

The Impact

ABSTRACT This study examines the impact of deterrence and inertia on information security policy changes. Corporations recognize the need to prioritize information security, which sometimes involves designing and implementing new security measures or policies. Using an online survey, we investigate the effect of deterrent sanctions and inertia on respondents' intentions to comply with modifications to company information security policies. We find that certainty and celerity associated with deterrent sanctions increase compliance intentions, while inertia decreases respondents' compliance intentions related to modified information security policies. Therefore, organizations must work to overcome employees' reluctance to change in order to improve compliance with security policy modifications. They may also consider implementing certain and timely sanctions for noncompliance.

Download Full-text