LSMPMON: Performance evaluation mechanism of LSM-based secure OS

Toshihiro Yamauchi; Kenji Yamamoto

LSMPMON: Performance evaluation mechanism of LSM-based secure OS

Research output: Contribution to journal › Article › peer-review

Abstract

Security focused OS (Secure OS) is attracting attention as a method for minimizing damage caused by various intrusions. Secure OSs can restrict the damage due to an attack by using Mandatory Access Control (MAC). In some projects, secure OSs for Linux have been developed. In these OSs, different implementation methods have been adopted. However, there is no method for easily evaluating the performance of the secure OS in detail, and the relationship between the implementation method and the performance is not clear. The secure OS in Linux after version 2.6 has often been implemented by Linux Security Modules (LSM). Therefore, we determine the effect of introducing the secure OS on the performance of the OS by using the overhead measurement tool, the LSM Performance Monitor (LSMPMON). This paper reports the evaluation results of three secure OSs on Linux 2.6.36 by LSMPMON. The results show the effect of introducing the secure OS.

Original language	English
Pages (from-to)	81-90
Number of pages	10
Journal	International Journal of Security and its Applications
Volume	6
Issue number	2
Publication status	Published - Aug 8 2012

Keywords

LSM
Linux
Performance evaluation
Secure OS

ASJC Scopus subject areas

Computer Science(all)

Cite this

@article{c26672cbc8634b538d6b42477ffb84b6,

title = "LSMPMON: Performance evaluation mechanism of LSM-based secure OS",

abstract = "Security focused OS (Secure OS) is attracting attention as a method for minimizing damage caused by various intrusions. Secure OSs can restrict the damage due to an attack by using Mandatory Access Control (MAC). In some projects, secure OSs for Linux have been developed. In these OSs, different implementation methods have been adopted. However, there is no method for easily evaluating the performance of the secure OS in detail, and the relationship between the implementation method and the performance is not clear. The secure OS in Linux after version 2.6 has often been implemented by Linux Security Modules (LSM). Therefore, we determine the effect of introducing the secure OS on the performance of the OS by using the overhead measurement tool, the LSM Performance Monitor (LSMPMON). This paper reports the evaluation results of three secure OSs on Linux 2.6.36 by LSMPMON. The results show the effect of introducing the secure OS.",

keywords = "LSM, Linux, Performance evaluation, Secure OS",

author = "Toshihiro Yamauchi and Kenji Yamamoto",

year = "2012",

month = aug,

day = "8",

language = "English",

volume = "6",

pages = "81--90",

journal = "International Journal of Security and its Applications",

issn = "1738-9976",

publisher = "Science and Engineering Research Support Society",

number = "2",

}

TY - JOUR

T1 - LSMPMON

T2 - Performance evaluation mechanism of LSM-based secure OS

AU - Yamauchi, Toshihiro

AU - Yamamoto, Kenji

PY - 2012/8/8

Y1 - 2012/8/8

N2 - Security focused OS (Secure OS) is attracting attention as a method for minimizing damage caused by various intrusions. Secure OSs can restrict the damage due to an attack by using Mandatory Access Control (MAC). In some projects, secure OSs for Linux have been developed. In these OSs, different implementation methods have been adopted. However, there is no method for easily evaluating the performance of the secure OS in detail, and the relationship between the implementation method and the performance is not clear. The secure OS in Linux after version 2.6 has often been implemented by Linux Security Modules (LSM). Therefore, we determine the effect of introducing the secure OS on the performance of the OS by using the overhead measurement tool, the LSM Performance Monitor (LSMPMON). This paper reports the evaluation results of three secure OSs on Linux 2.6.36 by LSMPMON. The results show the effect of introducing the secure OS.

AB - Security focused OS (Secure OS) is attracting attention as a method for minimizing damage caused by various intrusions. Secure OSs can restrict the damage due to an attack by using Mandatory Access Control (MAC). In some projects, secure OSs for Linux have been developed. In these OSs, different implementation methods have been adopted. However, there is no method for easily evaluating the performance of the secure OS in detail, and the relationship between the implementation method and the performance is not clear. The secure OS in Linux after version 2.6 has often been implemented by Linux Security Modules (LSM). Therefore, we determine the effect of introducing the secure OS on the performance of the OS by using the overhead measurement tool, the LSM Performance Monitor (LSMPMON). This paper reports the evaluation results of three secure OSs on Linux 2.6.36 by LSMPMON. The results show the effect of introducing the secure OS.

KW - LSM

KW - Linux

KW - Performance evaluation

KW - Secure OS

UR - http://www.scopus.com/inward/record.url?scp=84864741109&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84864741109&partnerID=8YFLogxK

M3 - Article

AN - SCOPUS:84864741109

SN - 1738-9976

VL - 6

SP - 81

EP - 90

JO - International Journal of Security and its Applications

JF - International Journal of Security and its Applications

IS - 2

ER -

LSMPMON: Performance evaluation mechanism of LSM-based secure OS

Abstract

Keywords

ASJC Scopus subject areas

Other files and links

Fingerprint

Cite this