Type-Based File Access Control Policy

With widely use of computer technology and network, malicious attacks to operating system and application show an increasing trend in recent year. Many malware attacking operating system and application would tamper 、delete and replace files of system and applications. Access control is an important tool to protect files of operating system and application from malicious attacks. But the excessive authorities of programs in system are the fundamental reason of the lim ited capacity of existing access control policies in protecting system and applications. The excessive authorities mean that programs of system and applications can access files which they should not access to. In order to limit programs’ rights and protecting system and applcation files, this paper proposes a type-based file access control policy in which system and application files are stored and the access to files are controlled by file type. The capability of this policy in protecting system and application files against known and unknown malicious attacks has been proved. The major works of paper is as follow:1) Analyse and summarize the fundamental reason of the attacks to operating system and applications is the excessive authorities of programs. Dppe ly analysed the mechanism of many heck techneque attacking software. According to the attacking mechanism of viruses、worms and trojans, two conclusions can be given: a)most malware will access to files of operating system and application illegally for residing in system for long term; b)the programs in system have excessive authorities is the fundamental reason of why malicious attacks to system and applications are easy to success.2) Propose the basic idea of type-based file access control policy: a)running programs of operating system don’t rely on files of applications but only the files of operating system. Files of system and applications relied on by running programs of application are stationary;b)store application and system files and directories by their types, and take access control for them, can limit the accesses to them raised by programs.3) Describe the model o f type-based file access control policy. Summarize and prove the secure properties of TBFAC. The properties show that TBFAC can intercept most illegal accesses to system and application files in real time, make the authority of applications least, restrict the damage of malware and have defensive capability against system programs hijacked by malwares. Analyse the risk of TBFAC and define the risk as number of attacked files at one moment. The application risk of TBFAC is the set of files belong to attacked application and a few applications. The operating system risk of TBFAC is the set of operating system files that applications can read and write.4) Design and implement a secure system of TBFAC in Windows. Decribe the structure of secure system, implement the system and test the defensive capability against malicious attack and performance of it. The test result shows that the secure system applying TBFAC has good reliability and can defense against most malicious attacks to operating system and applications, with little influence to the performance of operating system.