The Experts below are selected from a list of 24 Experts worldwide ranked by ideXlab platform
Daniel Mosse - One of the best experts on this subject based on the ideXlab platform.
-
Network I/O Extensibility without Administrator Privilege
2009 Fifth International Conference on Autonomic and Autonomous Systems, 2009Co-Authors: Takashi Okumura, Bruce Childers, Daniel MosseAbstract:Kernel extension mechanisms for network I/O are very useful for creating customized packet processing. However, such extensions have been accessible only to system Administrators for security reasons. This paper investigates an approach to realize network I/O extensibility without Administrator Privilege. To this end, we build on a novel virtualization scheme developed for network control, hierarchical virtualization of network interfaces, which allows recursive creation of the virtualized network interfaces and attaches the created interfaces to OS entities, such as sockets and processes. We show that the hierarchical virtualization has desirable properties for safe execution of packet processing code inside OS kernels, even by ordinary users and untrusted applications. For proof-of-concept, functionality of the system is demonstrated by a prototype implementation and execution profiling is taken to verify if such a kernel extensibility can be realized at practical performance overhead. The systematic experiments illustrated that the hierarchical virtualization can realize kernel extensibility without Administrator Privilege.
-
ICAS - Network I/O Extensibility without Administrator Privilege
2009 Fifth International Conference on Autonomic and Autonomous Systems, 2009Co-Authors: Takashi Okumura, Bruce R. Childers, Daniel MosseAbstract:Kernel extension mechanisms for network I/O are very useful for creating customized packet processing. However, such extensions have been accessible only to system Administrators for security reasons. This paper investigates an approach to realize network I/O extensibility without Administrator Privilege. To this end, we build on a novel virtualization scheme developed for network control, hierarchical virtualization of network interfaces, which allows recursive creation of the virtualized network interfaces and attaches the created interfaces to OS entities, such as sockets and processes. We show that the hierarchical virtualization has desirable properties for safe execution of packet processing code inside OS kernels, even by ordinary users and untrusted applications. For proof-of-concept, functionality of the system is demonstrated by a prototype implementation and execution profiling is taken to verify if such a kernel extensibility can be realized at practical performance overhead. The systematic experiments illustrated that the hierarchical virtualization can realize kernel extensibility without Administrator Privilege.
Jin Kwak - One of the best experts on this subject based on the ideXlab platform.
-
Administrator Privilege management system classification of u city management center
The Journal of Advanced Navigation Technology, 2009Co-Authors: Wansuck Yi, Woong Go, Jin KwakAbstract:Recently, a lot of nations are establish and researches the u-City which ubiquitous technology based city, and u-City Management Center(UMC) is also establish and researches. Technical researches of UMC are increasing. However, Administrator Privilege management researches for UMC is not enough. If we don't manage to Administrator Privilege who can access and control all of information in UMC, security problems will be occurs. Therefore, in this paper, analyses of Administrator Privilege management security problems, and proposed Administrator Privilege management system classification.
Takashi Okumura - One of the best experts on this subject based on the ideXlab platform.
-
Network I/O Extensibility without Administrator Privilege
2009 Fifth International Conference on Autonomic and Autonomous Systems, 2009Co-Authors: Takashi Okumura, Bruce Childers, Daniel MosseAbstract:Kernel extension mechanisms for network I/O are very useful for creating customized packet processing. However, such extensions have been accessible only to system Administrators for security reasons. This paper investigates an approach to realize network I/O extensibility without Administrator Privilege. To this end, we build on a novel virtualization scheme developed for network control, hierarchical virtualization of network interfaces, which allows recursive creation of the virtualized network interfaces and attaches the created interfaces to OS entities, such as sockets and processes. We show that the hierarchical virtualization has desirable properties for safe execution of packet processing code inside OS kernels, even by ordinary users and untrusted applications. For proof-of-concept, functionality of the system is demonstrated by a prototype implementation and execution profiling is taken to verify if such a kernel extensibility can be realized at practical performance overhead. The systematic experiments illustrated that the hierarchical virtualization can realize kernel extensibility without Administrator Privilege.
-
ICAS - Network I/O Extensibility without Administrator Privilege
2009 Fifth International Conference on Autonomic and Autonomous Systems, 2009Co-Authors: Takashi Okumura, Bruce R. Childers, Daniel MosseAbstract:Kernel extension mechanisms for network I/O are very useful for creating customized packet processing. However, such extensions have been accessible only to system Administrators for security reasons. This paper investigates an approach to realize network I/O extensibility without Administrator Privilege. To this end, we build on a novel virtualization scheme developed for network control, hierarchical virtualization of network interfaces, which allows recursive creation of the virtualized network interfaces and attaches the created interfaces to OS entities, such as sockets and processes. We show that the hierarchical virtualization has desirable properties for safe execution of packet processing code inside OS kernels, even by ordinary users and untrusted applications. For proof-of-concept, functionality of the system is demonstrated by a prototype implementation and execution profiling is taken to verify if such a kernel extensibility can be realized at practical performance overhead. The systematic experiments illustrated that the hierarchical virtualization can realize kernel extensibility without Administrator Privilege.
Wansuck Yi - One of the best experts on this subject based on the ideXlab platform.
-
Administrator Privilege management system classification of u city management center
The Journal of Advanced Navigation Technology, 2009Co-Authors: Wansuck Yi, Woong Go, Jin KwakAbstract:Recently, a lot of nations are establish and researches the u-City which ubiquitous technology based city, and u-City Management Center(UMC) is also establish and researches. Technical researches of UMC are increasing. However, Administrator Privilege management researches for UMC is not enough. If we don't manage to Administrator Privilege who can access and control all of information in UMC, security problems will be occurs. Therefore, in this paper, analyses of Administrator Privilege management security problems, and proposed Administrator Privilege management system classification.
Woong Go - One of the best experts on this subject based on the ideXlab platform.
-
Administrator Privilege management system classification of u city management center
The Journal of Advanced Navigation Technology, 2009Co-Authors: Wansuck Yi, Woong Go, Jin KwakAbstract:Recently, a lot of nations are establish and researches the u-City which ubiquitous technology based city, and u-City Management Center(UMC) is also establish and researches. Technical researches of UMC are increasing. However, Administrator Privilege management researches for UMC is not enough. If we don't manage to Administrator Privilege who can access and control all of information in UMC, security problems will be occurs. Therefore, in this paper, analyses of Administrator Privilege management security problems, and proposed Administrator Privilege management system classification.