Thibaud Ecarot, Samuel Dussault, Ameni Souid, L. Lavoie, J. Éthier
{"title":"健康数据访问控制:评估风险和收益","authors":"Thibaud Ecarot, Samuel Dussault, Ameni Souid, L. Lavoie, J. Éthier","doi":"10.1109/IOTSMS52051.2020.9340206","DOIUrl":null,"url":null,"abstract":"The AppArmor Linux Security Module (LSM) is widely used on Linux operating systems as it, among other things, provides mandatory access control (MAC) and isolates processes. This isolation helps meet the privacy requirements for critical applications. These application security policies are defined with profiles loaded into the Linux system kernel. However, these access control mechanisms are far from covering all the rising demands for confidentiality enforcement regarding critical applications. This paper conducts a risks and benefits analysis to assess whether a healthcare infrastructure can safely rely on the AppArmor LSM to protect its sensitive data. Thus, the general architecture of AppAmor comes to be detailed. Then, a static code analysis is performed to study the data structures found in the LSM. Finally, the outbreak of would-be side-channel attacks from userspace is discussed while offering mitigation methods. The result of this analysis shows that the AppArmor LSM is susceptible to side-channel attacks and should be used as part of a more comprehensive defense-in-depth strategy.","PeriodicalId":147136,"journal":{"name":"2020 7th International Conference on Internet of Things: Systems, Management and Security (IOTSMS)","volume":"52 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-12-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"AppArmor For Health Data Access Control: Assessing Risks and Benefits\",\"authors\":\"Thibaud Ecarot, Samuel Dussault, Ameni Souid, L. Lavoie, J. Éthier\",\"doi\":\"10.1109/IOTSMS52051.2020.9340206\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The AppArmor Linux Security Module (LSM) is widely used on Linux operating systems as it, among other things, provides mandatory access control (MAC) and isolates processes. This isolation helps meet the privacy requirements for critical applications. These application security policies are defined with profiles loaded into the Linux system kernel. However, these access control mechanisms are far from covering all the rising demands for confidentiality enforcement regarding critical applications. This paper conducts a risks and benefits analysis to assess whether a healthcare infrastructure can safely rely on the AppArmor LSM to protect its sensitive data. Thus, the general architecture of AppAmor comes to be detailed. Then, a static code analysis is performed to study the data structures found in the LSM. Finally, the outbreak of would-be side-channel attacks from userspace is discussed while offering mitigation methods. The result of this analysis shows that the AppArmor LSM is susceptible to side-channel attacks and should be used as part of a more comprehensive defense-in-depth strategy.\",\"PeriodicalId\":147136,\"journal\":{\"name\":\"2020 7th International Conference on Internet of Things: Systems, Management and Security (IOTSMS)\",\"volume\":\"52 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-12-14\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2020 7th International Conference on Internet of Things: Systems, Management and Security (IOTSMS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/IOTSMS52051.2020.9340206\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 7th International Conference on Internet of Things: Systems, Management and Security (IOTSMS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/IOTSMS52051.2020.9340206","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 1
摘要
AppArmor Linux Security Module (LSM)广泛用于Linux操作系统,因为它提供了强制访问控制(MAC)和隔离进程等功能。这种隔离有助于满足关键应用程序的隐私要求。这些应用程序安全策略是通过加载到Linux系统内核中的配置文件定义的。然而,这些访问控制机制远远不能满足关键应用程序的所有日益增长的保密要求。本文进行了风险和收益分析,以评估医疗保健基础设施是否可以安全地依赖AppArmor LSM来保护其敏感数据。因此,详细介绍了AppAmor的总体架构。然后,执行静态代码分析来研究LSM中发现的数据结构。最后,讨论了来自用户空间的潜在侧通道攻击的爆发,同时提供了缓解方法。分析结果表明,AppArmor LSM容易受到侧信道攻击,应该作为更全面的纵深防御策略的一部分使用。
AppArmor For Health Data Access Control: Assessing Risks and Benefits
The AppArmor Linux Security Module (LSM) is widely used on Linux operating systems as it, among other things, provides mandatory access control (MAC) and isolates processes. This isolation helps meet the privacy requirements for critical applications. These application security policies are defined with profiles loaded into the Linux system kernel. However, these access control mechanisms are far from covering all the rising demands for confidentiality enforcement regarding critical applications. This paper conducts a risks and benefits analysis to assess whether a healthcare infrastructure can safely rely on the AppArmor LSM to protect its sensitive data. Thus, the general architecture of AppAmor comes to be detailed. Then, a static code analysis is performed to study the data structures found in the LSM. Finally, the outbreak of would-be side-channel attacks from userspace is discussed while offering mitigation methods. The result of this analysis shows that the AppArmor LSM is susceptible to side-channel attacks and should be used as part of a more comprehensive defense-in-depth strategy.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
