Article in Russian
For citation: Koveshnikov M.G., Shcheglov K.A., Shcheglov A.Yu. Abstract models for system virtualization.
Scientific and Technical Journal of Information Technologies, Mechanics and Optics, 2015, vol.15, no. 3, pp. 483–492.
Abstract
The paper is dedicated to issues of system objects securing (system files and user system or application configuration files) against unauthorized access including denial of service attacks. We have suggested the method and developed abstract system virtualization models, which are used toresearch attack scenarios for different virtualization modes. Estimation for system tools virtualization technology effectiveness is given. Suggested technology is based on redirection of access requests to system objects shared among access subjects. Whole and partial system virtualization modes have been modeled. The difference between them is the following: in the whole virtualization mode all copies of access system objects are created whereon subjects’ requests are redirected including corresponding application objects;in the partial virtualization mode corresponding copies are created only for part of a system, for example, only system objects for applications. Alternative solutions effectiveness is valued relating to different attack scenarios. We consider proprietary and approved technical solution which implements system virtualization method for Microsoft Windows OS family. Administrative simplicity and capabilities of correspondingly designed system objects security tools are illustrated on this example. Practical significance of the suggested security method has been confirmed.
Keywords: informational security, system object, security, denial of service, system tool virtualization, attack scenario, abstract model.
References
1. Shcheglov K.A., Shcheglov A.Yu. Metod sessionnogo kontrolya dostupa k failovym ob"ektam. Voprosy prakticheskoi realizatsii Method of session control access to file objects. Issues of practical implementation]. Vestnik Komp'yuternykh i Informatsionnykh Tekhnologii, 2014, no. 8 (122), pp. 54–60.
2. Shcheglov K.A., Shcheglov A.Yu. Novyi podkhod k zashchite dannykh v informatsionnoi sisteme [New approach to data securing in information system]. Izv. vuzov. Priborostroenie, 2015, vol. 58, no. 3, pp. 157– 166. doi: 10.17586/0021-3454-2015-58-3-157-166
3. Shcheglov K.A., Shcheglov A.Yu. Zashchita ot atak na uyazvimosti prilozhenii [Securing Against Applications Threats]. Informatsionnye Tekhnologii, 2014, no. 9, pp. 34–39.
4. Shcheglov A.J., Shcheglov K.A. System for Controlling File Access Based on Automatic Tagging Thereof. Patent RU2524566, 2014.
5. Shcheglov K.A., Shcheglov A.Yu. Kontrol' dostupa k statichnym failovym ob"ektam [Access control to static file objects]. Voprosy Zashchity Informatsii, 2012, no. 2 (97), pp. 12–20.
6. Kim S.-K., Ma S.-Y., Moon J. A novel secure architecture of the virtualized server system. Journal of Supercomputing, 2015. doi: 10.1007/s11227-015-1401-4
7. Jithin R., Chandran P. Virtual Machine Isolation. Communications in Computer and Information Science, 2014, vol. 420 CCIS, pp. 91–102. doi: 10.1007/978-3-642-54525-2_8
8. Pektas A., Acarman T. A dynamic malware analyzer against virtual machine aware malicious software. Security and Communication Networks, 2014, vol. 7, no. 12, pp. 2245–2257. doi: 10.1002/sec.931
9. Luo X., Yang L., Hao D., Liu F., Wang D. On data and virtualization security risks and solutions of cloud computing. Journal of Networks, 2014, vol. 9, no. 3, pp. 571–581. doi: 10.4304/jnw.9.3.571-581
10. Win T.Y., Tianfield H., Mair Q. Virtualization security combining mandatory access control and virtual machine introspection. Proc. IEEE/ACM 7th Int. Conf. on Utility and Cloud Computing, UCC 2014. London, 2015, pp. 1004–1009. doi: 10.1109/UCC.2014.165
11. Shcheglov A.J., Shcheglov K.A. System for Reforming Object in Access Request. Patent RU2538918, 2015.
12. Shcheglov A.Yu., Pavlichenko I.P., Kornetov S.V., Shcheglov K.A. Kompleksnaya Sistema Zashchity Informatsii «Pantsir'+» dlya OS Microsoft Windows. Svidetel'stvo o gosudarstvennoi registratsii programmy dlya EVM 2014660889 [Integrated Security System "Carapace+" for MS Windows. Certificate of state registration of the computer program 2014660889], 2014.
13. Shcheglov A.J., Shcheglov K.A. Access Control System to Resources of Computer System with Subject of Access "User, Processes". Patent RU2534599, 2014.
14. Shcheglov K.A., Shcheglov A.Yu. Zashchita ot atak na uyazvimosti prilozhenii. Modeli kontrolya dostupa [Defending against application exploits model of access control]. Voprosy Zashchity Informatsii, 2013, no. 2 (101), pp. 36–43.
15. Shcheglov K.A., Shcheglov A.Yu. Zashchita ot atak so storony prilozhenii, nadelyaemykh vredonosnymi funktsiyami. Modeli kontrolya dostupa [Defending from malicious applications attacks. Access control models]. Voprosy Zashchity Informatsii, 2012, no. 4 (99), pp. 31–36.
';
