Abstract
The protection of network security components, such as firewalls and Intrusion Detection Systems, is a serious problem which, if not solved, may lead a remote adversary to compromise the security of other components, and even to obtain the control of the system itself. We are actually working on the development of a kernel based access control method, which intercepts and cancels forbidden system calls potentially launched by a remote attacker. This way, even if the attacker gains administration permissions, she will not achieve her purpose. To solve the administration constraints of our approach, we use a smart card based authentication mechanism for ensuring the administrator's identity. In this paper, we present an enhanced version of our authentication mechanism, based on a public key cryptographic protocol. Through this protocol, our protection module efficiently verifies administrator's actions before granting her the privileges to manipulate a component.
| Original language | English |
|---|---|
| Pages (from-to) | 415-424 |
| Number of pages | 10 |
| Journal | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
| Volume | 4277 LNCS - I |
| DOIs | |
| Publication status | Published - 1 Jan 2006 |
| Externally published | Yes |
| Event | OTM 2006 Workshops - OTM Confederated International Workshops - Montpellier, France Duration: 29 Oct 2006 → 3 Nov 2006 |