2014
DOI: 10.1049/iet-ifs.2012.0346
|View full text |Cite
|
Sign up to set email alerts
|

Operating system security by integrity checking and recovery using write‐protected storage

Abstract: The paper presents an Integrity Checking and Recovery (ICAR) system which protects file system integrity and automatically restores modified files. The system enables files cryptographic hashes generation and verification, as well as configuration of security constraints. All of the crucial data, including ICAR system binaries, file backups and hashes database are stored in a physically write protected storage to eliminate the threat of unauthorized modification. A buffering mechanism was designed and implemen… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
3
1

Citation Types

0
4
0

Year Published

2015
2015
2021
2021

Publication Types

Select...
5
2

Relationship

0
7

Authors

Journals

citations
Cited by 12 publications
(4 citation statements)
references
References 16 publications
0
4
0
Order By: Relevance
“…It can recover the original version of the subvirted file from a backup. Unlike ICAR, [2] stores all of the crucial data in a physically write-protected storage, and uses them to check file integrity. XenRIM [3] runs in Xen environment where the agents are running in VMs to intercept file operations and the server is running in Dom0 to receive logs sent by agents.…”
Section: Related Workmentioning
confidence: 99%
“…It can recover the original version of the subvirted file from a backup. Unlike ICAR, [2] stores all of the crucial data in a physically write-protected storage, and uses them to check file integrity. XenRIM [3] runs in Xen environment where the agents are running in VMs to intercept file operations and the server is running in Dom0 to receive logs sent by agents.…”
Section: Related Workmentioning
confidence: 99%
“…Based on VMI technology, many security monitor systems [12]- [14] have been proposed to protect VMs. Compared with the in-VM security tools [15], [16], VMI-based monitors are more secure and transparent.…”
Section: Related Workmentioning
confidence: 99%
“…Thus, there is no doubt that hash functions such as SHA-1 and SHA-2 have shown their usefulness in designing many existing verification proposals, and they are used as the measurement agent by the Trusted Computing Group [9], [10], [24]- [28]. For instance, [29] have utilized cryptographic hash generation and verification to introduce an integrity checking and recovery system solution to increase computer system security by the integrity checking of files that are vital for system operation. Also, they suggest storing all of the essential data in physically write-protected storage to reduce the threat of illegal alteration.…”
Section: Related Workmentioning
confidence: 99%