A Trustworthy Usage Control Enforcement Framework

Author(s):  
Ricardo Neisse ◽  
Alexander Pretschner ◽  
Valentina Di Giacomo

Usage control policies specify restrictions on the handling of data after access has been granted. The authors present the design and implementation of a framework for enforcing usage control requirements and demonstrate its genericity by instantiating it to two different levels of abstraction, those of the operating system and an enterprise service bus. This framework consists of a policy language, an automatic conversion of policies into enforcement mechanisms, and technology implemented on the grounds of trusted computing technology that makes it possible to detect tampering with the infrastructure. The authors show how this framework can, among other things, be used to enforce separation-of-duty policies. The authors provide a performance analysis.

2016 ◽  
Vol 2016 ◽  
pp. 1-12 ◽  
Author(s):  
Chenlin Huang ◽  
Chuanwang Hou ◽  
Huadong Dai ◽  
Yan Ding ◽  
Songling Fu ◽  
...  

Trusted computing aims to build a trusted computing environment for information systems with the help of secure hardware, the TPM, which has been proven to be an effective way to counter network security threats. However, TPM chips are not yet widely deployed in most computing devices, which limits the scope in which trusted computing technology can be applied. To solve the problem of missing trusted hardware in existing computing platforms, an alternative security hardware device, the USBKey, is introduced in this paper to simulate the basic functions of a TPM, and a new reverse USBKey-based integrity verification model is proposed to implement reverse integrity verification of the operating system boot process, which achieves the effect of a trusted boot of the operating system on end systems without TPMs. A Linux operating system booting method based on reverse integrity verification is designed and implemented in this paper, with which the integrity of data and executable files in the operating system is verified and protected phase by phase during the trusted boot process. It implements a trusted boot of the operating system without a TPM and supports remote attestation of the platform. Enhanced by our method, the flexibility of trusted computing technology is greatly improved, and it becomes possible to apply trusted computing in large-scale computing environments.


2017 ◽  
Vol 29 (1) ◽  
pp. 169-214 ◽  
Author(s):  
MATTHIEU RENARD ◽  
YLIÈS FALCONE ◽  
ANTOINE ROLLET ◽  
THIERRY JÉRON ◽  
HERVÉ MARCHAND

This paper deals with runtime enforcement of untimed and timed properties with uncontrollable events. Runtime enforcement consists of defining and using mechanisms that modify the executions of a running system to ensure their correctness with respect to a desired property. We introduce a framework that takes as input any regular (timed) property described by a deterministic automaton over an alphabet of events, some of which are uncontrollable. An uncontrollable event can be neither delayed nor intercepted by an enforcement mechanism. Enforcement mechanisms should satisfy important properties, namely soundness, compliance and optimality, meaning that enforcement mechanisms should output, as soon as possible, correct executions that are as close as possible to the input execution. We define the conditions for a property to be enforceable with uncontrollable events. Moreover, we synthesise sound, compliant and optimal descriptions of runtime enforcement mechanisms at two levels of abstraction to facilitate their design and implementation.


Sensors ◽  
2021 ◽  
Vol 21 (15) ◽  
pp. 5136
Author(s):  
Bassem Ouni ◽  
Christophe Aussagues ◽  
Saadia Dhouib ◽  
Chokri Mraidha

Sensor-based digital systems for Instrumentation and Control (I&C) of nuclear reactors are quite complex in terms of architecture and functionality. A high-level framework is strongly needed to pre-evaluate the system's performance, check the consistency between different levels of abstraction and address the concerns of various stakeholders. In this work, we integrate the development process of I&C systems and the involvement of stakeholders within a model-driven methodology. The proposed approach introduces a new architectural framework that defines various concepts, allowing system implementations and encompassing different development phases, all actors, and system concerns. In addition, we define a new I&C Modeling Language (ICML) and a set of methodological rules needed to build the different architectural framework views. To illustrate this methodology, we extend the open-source system engineering tool Eclipse Papyrus to carry out many automation and verification steps at different levels of abstraction. The architectural framework modeling capabilities are validated using a realistic use case system for the protection of nuclear reactors. The proposed framework is able to reduce the overall system development cost by improving the links between different specification tasks and providing a high abstraction level for system components.


2013 ◽  
Vol 347-350 ◽  
pp. 1799-1803
Author(s):  
Bo Qu ◽  
Zhao Zhi Wu

This paper describes in technical detail the design and implementation of an ARM-based embedded operating system micro-kernel developed on a Linux platform with the GNU tool chain, including the three-layer architecture of the kernel (boot layer, core layer and task layer), multi-task scheduling (priority-based for real-time tasks and round-robin for time-sharing tasks), the IRQ handler, the SWI handler, system calls, and the inter-task communication on which the micro-kernel architecture is built. On the foundation of this micro-kernel, further components essential to a practical operating system, such as a file system and TCP/IP processing, can be added to form a real and practical multi-task micro-kernel embedded operating system.


2016 ◽  
Author(s):  
Arnold Gehlen

Moral and Hypermoral, Arnold Gehlen's final book-length publication, is an elaboration on basic theses which had initially been brought forward in Gehlen's anthropological magnum opus "Der Mensch". In this respect, this draft of a "pluralistic ethics" is conceived as an elaboration on, as well as a concretion of, his doctrine of man. In this book, Gehlen set himself the task of combining anthropology, behavioral science, and sociology in a "genealogy of morality", thus exposing four interdependent forms of ethics: from an ethos of "reciprocity" via "eudaimonism" and "humanitarianism" to an ethos of institutions, including the state. Gehlen took a decisive stand against the "abstract ethics of the Enlightenment": systematically, his book is primarily an anthropological justification of ethics, conceived as a "majority of moral authorities" and "social regulations." These are not subjected to an evolutionary interpretation, that is, as progress from an ethics of proximity to a world-encompassing morality. Moralities, whether based on instinct or arising from the needs of particular institutions, are always culturally shaped and set on different levels of abstraction. With its broad scope, the book belongs in the context of the basic philosophical-sociological research known as philosophical anthropology.
