Security Improvement of File System Filter Driver in Windows Embedded OS


Yeon Sang Seong, Chaeho Cho, Young Pyo Jun, Yoojae Won, Journal of Information Processing Systems Vol. 17, No. 4, pp. 834-850, Aug. 2021  

https://doi.org/10.3745/JIPS.03.0165
Keywords: access control, File System Filter Driver, mandatory access control, Whitelist, Windows Embedded OS
Fulltext:

Abstract

IT security companies have been releasing file system filter driver security solutions based on the whitelist, which are being used by several enterprises in the relevant industries. However, in February 2019, a whitelist vulnerability was discovered in Microsoft Edge browser, which allows malicious code to be executed unknown to users. If a hacker had inserted a program that executed malicious code into the whitelist, it would have resulted in considerable damage. File system filter driver security solutions based on the whitelist are discretionary access control (DAC) models. Hence, the whitelist is vulnerable because it only considers the target subject to be accessed, without taking into account the access rights of the file target object. In this study, we propose an industrial device security system for Windows to address this vulnerability, which improves the security of the security policy by determining not only the access rights of the subject but also those of the object through the application of the mandatory access control (MAC) policy in the Windows industrial operating system. The access control method does not base the security policy on the whitelist; instead, by investigating the setting of the security policy not only for the subject but also the object, we propose a method that provides improved stability, compared to the conventional whitelist method.


Statistics
Show / Hide Statistics

Statistics (Cumulative Counts from November 1st, 2017)
Multiple requests among the same browser session are counted as one view.
If you mouse over a chart, the values of data points will be shown.




Cite this article
[APA Style]
Seong, Y., Cho, C., Jun, Y., & Won, Y. (2021). Security Improvement of File System Filter Driver in Windows Embedded OS. Journal of Information Processing Systems, 17(4), 834-850. DOI: 10.3745/JIPS.03.0165.

[IEEE Style]
Y. S. Seong, C. Cho, Y. P. Jun, Y. Won, "Security Improvement of File System Filter Driver in Windows Embedded OS," Journal of Information Processing Systems, vol. 17, no. 4, pp. 834-850, 2021. DOI: 10.3745/JIPS.03.0165.

[ACM Style]
Yeon Sang Seong, Chaeho Cho, Young Pyo Jun, and Yoojae Won. 2021. Security Improvement of File System Filter Driver in Windows Embedded OS. Journal of Information Processing Systems, 17, 4, (2021), 834-850. DOI: 10.3745/JIPS.03.0165.