Evaluation of performance of secure OS using performance evaluation mechanism of LSM-based LSMPMON

Kenji Yamamoto, Toshihiro Yamauchi

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Citation (Scopus)

Abstract

Security focused OS (Secure OS) is attracting attention as a method for minimizing damage caused by various intrusions. Secure OSes can restrict the damage due to an attack by using Mandatory Access Control (MAC). In some projects, secure OSes for Linux have been developed. In these OSes, different implementation methods have been adopted. However, there is no method for easily evaluating the performance of the secure OS in detail, and the relationship between the implementation method and the performance is not clear. The secure OS in Linux after version 2.6 has often been implemented by Linux Security Modules (LSM). Therefore, we determine the effect of introducing the secure OS on the performance of the OS, and a characteristic by the difference of the implementation method by using the overhead measurement tool, the LSM Performance Monitor (LSMPMON); the LSMPMON can be used to evaluate three different secure OSes.

Original languageEnglish
Title of host publicationCommunications in Computer and Information Science
Pages57-67
Number of pages11
Volume122 CCIS
DOIs
Publication statusPublished - 2010
Event2010 International Conferences on Security Technology, SecTech 2010 and Disaster Recovery and Business Continuity, DRBC 2010, Held as Part of the 2nd International Mega-Conference on Future Generation Information Technology, FGIT 2010 - Jeju Island, Korea, Republic of
Duration: Dec 13 2010Dec 15 2010

Publication series

NameCommunications in Computer and Information Science
Volume122 CCIS
ISSN (Print)18650929

Other

Other2010 International Conferences on Security Technology, SecTech 2010 and Disaster Recovery and Business Continuity, DRBC 2010, Held as Part of the 2nd International Mega-Conference on Future Generation Information Technology, FGIT 2010
CountryKorea, Republic of
CityJeju Island
Period12/13/1012/15/10

Fingerprint

Access control
Linux

Keywords

  • Linux
  • LSM
  • Performance Evaluation
  • Secure OS

ASJC Scopus subject areas

  • Computer Science(all)

Cite this

Yamamoto, K., & Yamauchi, T. (2010). Evaluation of performance of secure OS using performance evaluation mechanism of LSM-based LSMPMON. In Communications in Computer and Information Science (Vol. 122 CCIS, pp. 57-67). (Communications in Computer and Information Science; Vol. 122 CCIS). https://doi.org/10.1007/978-3-642-17610-4_7

Evaluation of performance of secure OS using performance evaluation mechanism of LSM-based LSMPMON. / Yamamoto, Kenji; Yamauchi, Toshihiro.

Communications in Computer and Information Science. Vol. 122 CCIS 2010. p. 57-67 (Communications in Computer and Information Science; Vol. 122 CCIS).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Yamamoto, K & Yamauchi, T 2010, Evaluation of performance of secure OS using performance evaluation mechanism of LSM-based LSMPMON. in Communications in Computer and Information Science. vol. 122 CCIS, Communications in Computer and Information Science, vol. 122 CCIS, pp. 57-67, 2010 International Conferences on Security Technology, SecTech 2010 and Disaster Recovery and Business Continuity, DRBC 2010, Held as Part of the 2nd International Mega-Conference on Future Generation Information Technology, FGIT 2010, Jeju Island, Korea, Republic of, 12/13/10. https://doi.org/10.1007/978-3-642-17610-4_7
Yamamoto K, Yamauchi T. Evaluation of performance of secure OS using performance evaluation mechanism of LSM-based LSMPMON. In Communications in Computer and Information Science. Vol. 122 CCIS. 2010. p. 57-67. (Communications in Computer and Information Science). https://doi.org/10.1007/978-3-642-17610-4_7
Yamamoto, Kenji ; Yamauchi, Toshihiro. / Evaluation of performance of secure OS using performance evaluation mechanism of LSM-based LSMPMON. Communications in Computer and Information Science. Vol. 122 CCIS 2010. pp. 57-67 (Communications in Computer and Information Science).
@inproceedings{ad7acd9e9cfc44c2a6b68f64462b428d,
title = "Evaluation of performance of secure OS using performance evaluation mechanism of LSM-based LSMPMON",
abstract = "Security focused OS (Secure OS) is attracting attention as a method for minimizing damage caused by various intrusions. Secure OSes can restrict the damage due to an attack by using Mandatory Access Control (MAC). In some projects, secure OSes for Linux have been developed. In these OSes, different implementation methods have been adopted. However, there is no method for easily evaluating the performance of the secure OS in detail, and the relationship between the implementation method and the performance is not clear. The secure OS in Linux after version 2.6 has often been implemented by Linux Security Modules (LSM). Therefore, we determine the effect of introducing the secure OS on the performance of the OS, and a characteristic by the difference of the implementation method by using the overhead measurement tool, the LSM Performance Monitor (LSMPMON); the LSMPMON can be used to evaluate three different secure OSes.",
keywords = "Linux, LSM, Performance Evaluation, Secure OS",
author = "Kenji Yamamoto and Toshihiro Yamauchi",
year = "2010",
doi = "10.1007/978-3-642-17610-4_7",
language = "English",
isbn = "3642176097",
volume = "122 CCIS",
series = "Communications in Computer and Information Science",
pages = "57--67",
booktitle = "Communications in Computer and Information Science",

}

TY - GEN

T1 - Evaluation of performance of secure OS using performance evaluation mechanism of LSM-based LSMPMON

AU - Yamamoto, Kenji

AU - Yamauchi, Toshihiro

PY - 2010

Y1 - 2010

N2 - Security focused OS (Secure OS) is attracting attention as a method for minimizing damage caused by various intrusions. Secure OSes can restrict the damage due to an attack by using Mandatory Access Control (MAC). In some projects, secure OSes for Linux have been developed. In these OSes, different implementation methods have been adopted. However, there is no method for easily evaluating the performance of the secure OS in detail, and the relationship between the implementation method and the performance is not clear. The secure OS in Linux after version 2.6 has often been implemented by Linux Security Modules (LSM). Therefore, we determine the effect of introducing the secure OS on the performance of the OS, and a characteristic by the difference of the implementation method by using the overhead measurement tool, the LSM Performance Monitor (LSMPMON); the LSMPMON can be used to evaluate three different secure OSes.

AB - Security focused OS (Secure OS) is attracting attention as a method for minimizing damage caused by various intrusions. Secure OSes can restrict the damage due to an attack by using Mandatory Access Control (MAC). In some projects, secure OSes for Linux have been developed. In these OSes, different implementation methods have been adopted. However, there is no method for easily evaluating the performance of the secure OS in detail, and the relationship between the implementation method and the performance is not clear. The secure OS in Linux after version 2.6 has often been implemented by Linux Security Modules (LSM). Therefore, we determine the effect of introducing the secure OS on the performance of the OS, and a characteristic by the difference of the implementation method by using the overhead measurement tool, the LSM Performance Monitor (LSMPMON); the LSMPMON can be used to evaluate three different secure OSes.

KW - Linux

KW - LSM

KW - Performance Evaluation

KW - Secure OS

UR - http://www.scopus.com/inward/record.url?scp=78650792280&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=78650792280&partnerID=8YFLogxK

U2 - 10.1007/978-3-642-17610-4_7

DO - 10.1007/978-3-642-17610-4_7

M3 - Conference contribution

AN - SCOPUS:78650792280

SN - 3642176097

SN - 9783642176098

VL - 122 CCIS

T3 - Communications in Computer and Information Science

SP - 57

EP - 67

BT - Communications in Computer and Information Science

ER -