A Firewall Model of File System Security

Michigan Technological University
Digital Commons @ Michigan Tech
Dissertations, Master's Theses and Master's Reports - Open
Dissertations, Master's Theses and Master's Reports

2014

A FIREWALL MODEL OF FILE SYSTEM SECURITY
Lihui Hu
Michigan Technological University

Follow this and additional works at: https://digitalcommons.mtu.edu/etds
Part of the Computer Sciences Commons

Copyright 2014 Lihui Hu

Recommended Citation
Hu, Lihui, "A FIREWALL MODEL OF FILE SYSTEM SECURITY", Dissertation, Michigan Technological University, 2014. https://doi.org/10.37099/mtu.dc.etds/786

A FIREWALL MODEL OF FILE SYSTEM SECURITY

By Lihui Hu

A DISSERTATION
Submitted in partial fulfillment of the requirements for the degree of
DOCTOR OF PHILOSOPHY
In Computer Science

MICHIGAN TECHNOLOGICAL UNIVERSITY
2014

This dissertation has been approved in partial fulfillment of the requirements for the Degree of DOCTOR OF PHILOSOPHY in Computer Science.

Department of Computer Science

Thesis Advisor: Dr. Jean Mayo
Committee Member: Dr. Steve Carr
Committee Member: Dr. Soner Onder
Committee Member: Dr. Haiying Liu
Department Chair: Dr. Charles Wallace

Table of Contents

List of Figures
List of Tables
Acknowledgements
Preface
Abstract

1. Introduction

2. Background
  2.1 UNIX/Linux Operating Systems
  2.2 File System, Super Block, Inode
  2.3 Virtual File System (VFS)
  2.4 Terminology in Access Control
    2.4.1 Subject and Object
    2.4.2 MAC and DAC
    2.4.3 Principles of Computer Security
  2.5 Access Control Models, Schemes and Extensions
    2.5.1 Multilevel Security
    2.5.2 Access Control Matrix
    2.5.3 Access Control Lists
    2.5.4 Capabilities
    2.5.5 Domain and Type Enforcement (DTE)
    2.5.6 Role Based Access Control (RBAC)
    2.5.7 Locks and Keys
  2.6 HRU Model and the Safety Problem
    2.6.1 HRU Model
    2.6.2 The Safety Problem
  2.7 Network Firewall
  2.8 Current File System Protection
    2.8.1 Basic Security Scheme
    2.8.2 Unix/Linux Security Modules and Extensions

3. Related Work
  3.1 Linux Security Module
  3.2 Rule-Set Based Access Control
  3.3 Attribute Based Access Control
  3.4 Sandboxing
  3.5 Redirecting FileSystem
  3.6 Other Proposals

4. File System Firewall Model
  4.1 Motivation
    4.1.1 Accommodate Complicated Access Control Requirements
    4.1.2 Integrity Protection of the File System
    4.1.3 Ease of Administration
    4.1.4 MAC for Specified Subjects and Objects
    4.1.5 Redirection
    4.1.6 Flexibility
  4.2 The Definitions of Firewall Model
    4.2.1 File System Firewall (FSF)
    4.2.2 Filter Rules
    4.2.3 Three Types of Filter Rules
  4.3 Features and Usage
    4.3.1 MAC Control
    4.3.2 Conditional Access Control with Multiple Attributes
    4.3.3 Ease of Adoption and Administration
    4.3.4 Redirection
    4.3.5 Usage
  4.4 The Operational Specifications of the Firewall Model
    4.4.1 Definitions of Basic Components
    4.4.2 Operational Specifications

5. Prototype Implementation and Performance Test
  5.1 Possible Approaches
    5.1.1 Stackable File System
    5.1.2 Linux Security Module (LSM)
  5.2 Components
  5.3 Design Concern
  5.4 The Prototype of the Firewall Model
    5.4.1 The Implementation of the Prototype
    5.4.2 Work Flow
    5.4.3 The Structure of the Prototype
    5.4.4 Filter Rule Set Management
  5.5 Performance Test
    5.5.1 Filter Rule Loading
    5.5.2

File pages: 130